Limited availability during the holidays
Another busy year is coming to its end, and an exciting year lies ahead. In order to get ready for a fresh new start, our team will spend a few days' rest during the winter holidays. Over the holiday break, we will have reduced staffing from December 20th, 2024, to January 5th, 2025, so please be patient if you do not receive a response as quickly as you normally would.
We send our warmest wishes for happiness, health, and success throughout the coming year. Thank you for your continued support, and may you have a peaceful and blessed Happy Holidays!
Hi!
I am required to utilise a robust Content Security Policy (CSP). However, it seems that Layer Slider requires the unsafe-inline and unsafe-eval values under the script-src directive to function.
How can this be overcome please?
Thank you
Leigh
Hello Leigh,
Thank you for getting in touch with us!
Sorry for the inconvenience but it is not possible to change this because that's how our plugin works. Most plugins currently work this way (inline codes), specifically some features of WordPress as well. The unsafe eval is necessary so that they cannot steal the code, on the other hand it is performance efficient in terms of loading.
Best Regards,
Andrea | Kreatura Support Team
Is it possible to utilise the nonce or hash parameters to avoid using unsafe-inline and unsafe-eval?
Hello Leigh,
Thank you for your feedback!
Your tip is very good, the dev team will look into the possibility of offering a solution in a future update.
Best Regards,
Andrea | Kreatura Support Team