C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,995 questions
Can we use script-src 'self' 'unsafe-inline' in the content security policy of the .net application?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 78%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMV%3C/text%3E%3C/svg%3E)
MSUser V
1
Reputation point
In our asp.net SharePoint application, we have used script-src 'self' 'unsafe-inline' in the content security policy as sharepoint is generating some inline javascript code dynamically at runtime. But CSP validator showed red flag for using 'unsafe-inline'. Could you please suggest we can use 'self' 'unsafe-inline' as sharepoint framework itself has some inline codes or any other recommendation?
C#
SharePoint Server Development
SharePoint Server Development
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Development: The process of researching, productizing, and refining new or existing technologies.
1,619 questions
{count} votes
-
Baker Kong-MSFT 3,801 Reputation points2020-11-30T08:33:19.533+00:00 Hi @MSUser V ,
What kind of application you're developing? Is it an isolated web site or an SP solution? How do you configure script-src? And what about the error msg?
Thanks
Baker Kong
Sign in to comment
Sign in to answer