RE: Content Security Policy Headers Stopping Onclick Events
Posted: Tue Nov 28, 2017 12:14 pm
Hello,
I am currently testing web pages following Content Security Policy guidelines using Web Builder 11.6.3.
As I am sure you will know, by setting a specific CSP header on your web page, inline javascript no longer works, and you have to put your javascript code in linked files.
So, with the CSP header included on the page, onclick events generated in Web Builder no longer work.
For example, if I create a panel layer in Web Builder and a button that displays the panel when clicked, the onclick event that would show the panel no longer works with the CSP header added to the page.
Is there a way to solve this problem?
I have been replacing onclick with addEventListener on pages I have written myself, but I do not know how to do this with Web Builder Generated code.
Any help would be much appreciated.
Thank you
I am currently testing web pages following Content Security Policy guidelines using Web Builder 11.6.3.
As I am sure you will know, by setting a specific CSP header on your web page, inline javascript no longer works, and you have to put your javascript code in linked files.
So, with the CSP header included on the page, onclick events generated in Web Builder no longer work.
For example, if I create a panel layer in Web Builder and a button that displays the panel when clicked, the onclick event that would show the panel no longer works with the CSP header added to the page.
Is there a way to solve this problem?
I have been replacing onclick with addEventListener on pages I have written myself, but I do not know how to do this with Web Builder Generated code.
Any help would be much appreciated.
Thank you