JSD - widget violates CSP-policies

XMLWordPrintable

      We have embedded the JSD-widget. But the browser console is spitting out warnings and lowers the CSP-compliance level of our site.

      => It would be great if you could have a look and improve the CSP-compliance.

      mbed.ts:40 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-ck0c4o54800000tmo357heu62' 
[https://jsd-widget.atlassian.com|https://jsd-widget.atlassian.com/]
". Either the 'unsafe-inline' keyword, a hash ('sha256-unawk8oxMjxPG04UXJudRjZPb/aQ/CshgfawzK+tomg='), or a nonce ('nonce-...') is required to enable inline execution.

            Assignee:
            Unassigned
            Reporter:
            Marc Gerstmair
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: