Limited availability during the holidays

Another busy year is coming to its end, and an exciting year lies ahead. In order to get ready for a fresh new start, our team will spend a few days' rest during the winter holidays. Over the holiday break, we will have reduced staffing from December 20th, 2024, to January 5th, 2025, so please be patient if you do not receive a response as quickly as you normally would.

We send our warmest wishes for happiness, health, and success throughout the coming year. Thank you for your continued support, and may you have a peaceful and blessed Happy Holidays!

Okay
  Public Ticket #2769490
Content Security Policy
Closed

Comments

  • Leigh started the conversation

    Hi!

    I am required to utilise a robust Content Security Policy (CSP). However, it seems that Layer Slider requires the unsafe-inline and unsafe-eval values under the script-src directive to function.

    How can this be overcome please?

    Thank you

    Leigh

  •  244
    Kreatura Support replied

    Hello Leigh,

    Thank you for getting in touch with us!
    Sorry for the inconvenience but it is not possible to change this because that's how our plugin works. Most plugins currently work this way (inline codes), specifically some features of WordPress as well. The unsafe eval is necessary so that they cannot steal the code, on the other hand it is performance efficient in terms of loading. 

    Best Regards,
    Andrea | Kreatura Support Team

  • Leigh replied

    Is it possible to utilise the nonce or hash parameters to avoid using unsafe-inline and unsafe-eval?

  •  244
    Kreatura Support replied

    Hello Leigh,

    Thank you for your feedback!
    Your tip is very good, the dev team will look into the possibility of offering a solution in a future update.

    Best Regards,
    Andrea | Kreatura Support Team