Uploaded image for project: 'Jira Service Management Cloud'
  1. Jira Service Management Cloud
  2. JSDCLOUD-8438

JSD - widget violates CSP-policies

XMLWordPrintable

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      We have embedded the JSD-widget. But the browser console is spitting out warnings and lowers the CSP-compliance level of our site.

      => It would be great if you could have a look and improve the CSP-compliance.

      mbed.ts:40 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-ck0c4o54800000tmo357heu62' 
[https://jsd-widget.atlassian.com|https://jsd-widget.atlassian.com/]
". Either the 'unsafe-inline' keyword, a hash ('sha256-unawk8oxMjxPG04UXJudRjZPb/aQ/CshgfawzK+tomg='), or a nonce ('nonce-...') is required to enable inline execution.

              Unassigned Unassigned
              993afe6e7991 Marc Gerstmair
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: