[SPIKE] Content Security Policy exception #15934
Labels
engineering
Work to be completed by an engineer
experience
Team label to flag issues owned by the Experience Team
needs-refinement
Tickets that need refinement from the team
Problem statement
Azure captured the following exception in production which needs some investigation.
EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://js.monitor.azure.com https://www.googletagmanager.com https://hhs-prime.okta.com https://reportstream.okta.com https://global.oktacdn.com https://www.google-analytics.com https://*.in.applicationinsights.azure.com https://dap.digitalgov.gov".
What you need to know
I believe we had an issue like this in the past and may be able to look back to see what the fix was.
Captured on Sept, 19, 2024.
Acceptance criteria
To do
The text was updated successfully, but these errors were encountered: