deferred loading does not work in csp mode. #16898
Comments
|
Issue #10820 has been merged into this issue. |
|
Issue #20901 has been merged into this issue. |
|
This seems likely to be a problem. For example, the Intl library now uses deferred loading for message catalogs. I stumbled across this in updating a sample, but it seems likely to come up in a customer context before too long. Do we have plans to address this? |
|
I looked into it, and it seemed easier than expected: The testcase from dartbug/20901 still has that CONSOLE ERROR: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'". Added Started label. |
|
Fixed in r44162 https://codereview.chromium.org//968163002 . Added Fixed label. |
Deferred loading does not work in csp mode.
Also see issue #3940.
The text was updated successfully, but these errors were encountered: