Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#27762] - Joomla Update Check triggers eval CSP

?
avatar Dade88
Dade88
1 Feb 2020

Steps to reproduce the issue

Setup CSP header to prevent usage of eval functions in script-src.
Connect to Joomla Admin Panel /administrator

Expected result

No console errors.

Actual result

Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). at jupdatecheck.js:52:11

System information (as much as possible)

Not related.

Additional comments

You can still update Joomla, it just does not notify the administrators on logins.

avatar Dade88 Dade88 - open - 1 Feb 2020
avatar joomla-cms-bot joomla-cms-bot - change - 1 Feb 2020
Labels Added: ?
avatar joomla-cms-bot joomla-cms-bot - labeled - 1 Feb 2020
avatar Dade88 Dade88 - change - 1 Feb 2020
Status New Closed
Closed_Date 0000-00-00 00:00:00 2020-02-01 15:02:40
Closed_By Dade88
avatar Dade88 Dade88 - close - 1 Feb 2020
avatar Dade88 Dade88 - change - 1 Feb 2020
Title
Joomla Update Chec
Joomla Update Check triggers eval CSP
avatar Dade88 Dade88 - edited - 1 Feb 2020
avatar Dade88 Dade88 - change - 1 Feb 2020
The description was changed
avatar Dade88 Dade88 - edited - 1 Feb 2020

Add a Comment

Login with GitHub to post a comment