[wp-trac] [WordPress Trac] #62894: Media Library functionality in the block editor causes CSP 'unsafe-eval' error
WordPress Trac
noreply at wordpress.org
Sun Feb 2 21:24:00 UTC 2025
#62894: Media Library functionality in the block editor causes CSP 'unsafe-eval'
error
--------------------------------+-----------------------------------------
Reporter: michelleblanchette | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Editor | Version: 6.7.1
Severity: normal | Resolution:
Keywords: | Focuses: javascript, administration
--------------------------------+-----------------------------------------
Comment (by jornfranke):
Thanks a lot! I support that this ticket should be solved. We should not
have in a content management system a CSP that needs to allow unsafe-*. A
CMS is used by many people that may accidentality or maliciously do XSS or
put hidden trackers.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/62894#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list