Hello,
I’m trying to create a custom page watching the video guide in the documentation: UI Development Kit | SailPoint Developer Community but I got an error in the login page. I have cloned and updated the project in Visual Studio Code, I run the project (npm run dev) and I got this error in the console browser right after providing the tenant information:
Uncaught EvalError: Refused to evaluate a string as JavaScript because ‘unsafe-eval’ is not an allowed source of script in the following Content Security Policy directive: "script-src ‘self’ ‘unsafe-inline’ .
The Content Security Policy (CSP) prevents the evaluation of arbitrary strings as JavaScript to make it more difficult for an attacker to inject unathorized code on your site.
To solve this issue, avoid using eval(), new Function(), setTimeout([string], ...) and setInterval([string], ...) for evaluating strings.
I see the CSP is set in the code:
session.defaultSession.webRequest.onHeadersReceived((details, callback) => {
callback({
responseHeaders: {
...details.responseHeaders,
'Content-Security-Policy': ["script-src 'self' 'unsafe-inline' *" ]
}
});
});
I was trying to change the labels for the policy, and if I remove them I get to the login page and I can login but then I get a 500 error. Do you know which label I need to add?
Any help will be much appreciated.
Thanks,
Jio