Hello,
I am currently testing web pages following Content Security Policy guidelines using Web Builder 11.6.3.
As I am sure you will know, by setting a specific CSP header on your web page, inline javascript no longer works, and you have to put your javascript code in linked files.
So, with the CSP header included on the page, onclick events generated in Web Builder no longer work.
For example, if I create a panel layer in Web Builder and a button that displays the panel when clicked, the onclick event that would show the panel no longer works with the CSP header added to the page.
Is there a way to solve this problem?
I have been replacing onclick with addEventListener on pages I have written myself, but I do not know how to do this with Web Builder Generated code.
Any help would be much appreciated.
Thank you
RE: Content Security Policy Headers Stopping Onclick Events
-
bunglebonce
-
- Posts: 15
- Joined: Thu Sep 18, 2014 12:22 pm
-
BaconFries
-
- Posts: 5933
- Joined: Thu Aug 16, 2007 7:32 pm
Re: RE: Content Security Policy Headers Stopping Onclick Events
Moved this to "Off Topic Section" as not directly related to the function of programme. From my understanding of this then you will then need to implement "directives" these can be in a . htaccess file or with meta tags. You can read more about using at the following:
CSP
CSP
Re: RE: Content Security Policy Headers Stopping Onclick Events
Events are always inline functions, there is no way to change this.