webpack-dev-server v5 seems to require 'unsafe-eval'
in CSP
#18073
-
I'm opening this as a discussion first to get input as this could either be a bug or documentation issue with In a nutshell I've updated a Rails application generated using this template which defines a CSP and includes some extras for Apparently this is happening here: Which is from node_modules/webpack-dev-server/client/modules/logger/index.js. I've had a look around and can't find anything indicating what has actually changed in v5 to cause this (my assumption is maybe a different build config, but could be something else, and this might just be the first of a number of these calls 🤷), but ideally it would be good if we could somehow avoid having to change the CSP since we want it to match as closely to production as possible for debugging and in particular enabling I'm happy to help out with this, but need some pointers from the webpack team to continue :) |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
Yes, I see, let's fix it, I will see today |
Beta Was this translation helpful? Give feedback.
Yes, I see, let's fix it, I will see today