Home > Forum > CSP headers vs ladesk client

CSP headers vs ladesk client

Oct 26, 2017
Jakub wrote
Hi,<br /> I've run into some issue setting up CSP security headers, in the final I had to allow 'unsafe-eval' in script-src .. otherwise, close button for the chat window wouldn't work at all (without any error/warning) .. also for chat buttons with requires customer to write something before the chat starts, the chat would never appear/start ..<br /> <br /> so my question is, do you plan to implement version without using 'eval'?<br /> <br /> thanks,<br /> J.<br /> <br /> <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy</a><br /> <a href="https://developer.chrome.com/extensions/contentSecurityPolicy">https://developer.chrome.com/extensions/contentSecurityPolicy</a>
1 Answer
Oct 30, 2017
Ondrej agent wrote
Hi Jakub,<br /> <br /> yes we have it in medium term plan. We are considering creating completely new more lightweight and simple client side contact widgets.<br /> However for now using eval(...) is required for correct functioning of most LiveAgent contact widgets.

Ready to try LiveAgent?

It's free for the first 14 days! No credit card required.

Get Started
We work well with others...
Magento Joomla Wordpress Mailchimp
Contact us


+1-800-811-6590 (Toll Free in USA & Canada)

+421 2 33 456 826 (European Union & Worldwide)

Quality Unit, LLC 616 Corporate Way, Suite 2-3278 Valley Cottage, NY 10989

Stay in touch
Blog Google+
© 2004-2015 QualityUnit.com, All rights reserved