RE: Content Security Policy Headers Stopping Onclick Events

This section is for posting questions which are not directly related to WYSIWYG Web Builder.
Examples of off topics: web server configuration, hosting, programming related questions, third party scripts.

Note that these questions will generally not be answered by the administrators of this forum.
Post Reply
bunglebonce
 
 
Posts: 15
Joined: Thu Sep 18, 2014 12:22 pm

RE: Content Security Policy Headers Stopping Onclick Events

Post by bunglebonce »

Hello,

I am currently testing web pages following Content Security Policy guidelines using Web Builder 11.6.3.

As I am sure you will know, by setting a specific CSP header on your web page, inline javascript no longer works, and you have to put your javascript code in linked files.

So, with the CSP header included on the page, onclick events generated in Web Builder no longer work.

For example, if I create a panel layer in Web Builder and a button that displays the panel when clicked, the onclick event that would show the panel no longer works with the CSP header added to the page.

Is there a way to solve this problem?

I have been replacing onclick with addEventListener on pages I have written myself, but I do not know how to do this with Web Builder Generated code.

Any help would be much appreciated.

Thank you
User avatar
BaconFries
 
 
Posts: 5328
Joined: Thu Aug 16, 2007 7:32 pm

Re: RE: Content Security Policy Headers Stopping Onclick Events

Post by BaconFries »

Moved this to "Off Topic Section" as not directly related to the function of programme. From my understanding of this then you will then need to implement "directives" these can be in a . htaccess file or with meta tags. You can read more about using at the following:
CSP
User avatar
Pablo
 
Posts: 21578
Joined: Sun Mar 28, 2004 12:00 pm
Location: Europe
Contact:

Re: RE: Content Security Policy Headers Stopping Onclick Events

Post by Pablo »

Events are always inline functions, there is no way to change this.
Post Reply