You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
They have now thankfully added a new wasm-eval in w3c/webappsec-csp#293. As it says there, the spec is wrong, reportedly, Chrome/ium 97 accepts wasm-eval while the spec still calls it wasm-unsafe-eval.
Problem
Chrome required
unsafe-evalfor loading of WebAssembly code. See WebAssembly/content-security-policy#7 and all the linked issues.Solution
They have now thankfully added a new
wasm-evalin w3c/webappsec-csp#293. As it says there, the spec is wrong, reportedly, Chrome/ium 97 acceptswasm-evalwhile the spec still calls itwasm-unsafe-eval.More
After all, the issue is so big they draft a whole new spec about that, apparently: https://w3c.github.io/webappsec-csp/
The text was updated successfully, but these errors were encountered: