SharePoint Subscription Edition JS error After 2022 March Update

Question

Hello everyone,

After SharePoint Subscription Edition 2022 March Update installation, Some menus of the Modern Sites' throw js exception via the dev console.

For example: Site Information link and Site Permissions link.

Home.aspx:1   
          
       [Report Only] Refused to run the JavaScript URL because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'unsafe-eval' 'nonce-8cc6d271-043f-4ba3-a97f-847340968cae'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.  
  
Home.aspx:1   
          
       [Report Only] Refused to run the JavaScript URL because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'unsafe-eval' 'nonce-8cc6d271-043f-4ba3-a97f-847340968cae'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.  
  
sp-pages-assembly.js?uniqueId=zAU7Q:105   
          
       Uncaught (in promise) TypeError: e.render is not a function  
    at sp-pages-assembly.js?uniqueId=zAU7Q:105  
(anonymous) @ sp-pages-assembly.js?uniqueId=zAU7Q:105  
Promise.then (async)  
_isSiteInformationLinkEnabled.window._spLaunchSiteSettings.window._spLaunchSiteSettings @ sp-pages-assembly.js?uniqueId=zAU7Q:105  
(anonymous) @ VM197:1  

Do you have any ideo to solve this problem? Or am i have to wait April Update?

Answer 1

Hi @Hasan Köroğlu ,

I am not sure if this issue is related to 2022 March Update. But this a blog about How to fix 'because it violates the following content security policy directive'.

From this blog you could move the inline resource to it's own file if the blocked resource is an inline resource.

If the blocked resource is an external file, it should be added to the policy. For example above, if we had the error message Refused to load the script 'https://cdn.mycompany.com/scripts.js' because it violates the following directive 'script-src', we need to add "https://cdn.mycompany.com/script.js" to the "script-src" directive of the policy. There are tools that can automatically generate policies such as CSP Generator.
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

Hi Casey,

I posted same issue on the tech community forum. And thanks to Steve Zhang, he explained the problem. The problem was about March Update. I'll wait for the fix. Thanks again. https://techcommunity.microsoft.com/t5/sharepoint-server-subscription/sharepoint-subscription-edition-js-error-after-2022-march-update/m-p/3263863