add unsafe-eval to CSP (El native_js compatibility) #88

Merged

will.anderson merged 1 commits from fix/stage-ci-paths into dev

2026-05-11 16:44:57 +00:00

Author	SHA1	Message	Date
will.anderson	90f7c3655e	add unsafe-eval to CSP for El runtime native_js() compatibility Dev — Build & local smoke test / build-smoke (pull_request) Successful in 3m9s Details El's native_js() compiles to eval(). checkout-auth.el uses native_js() to embed the auth logic, so all window globals (showSignIn, initStripe, etc.) live inside an eval call. Stage CSP was blocking it, leaving the page with no auth functions defined.	2026-05-11 11:40:05 -05:00

Author

SHA1

Message

Date

will.anderson

90f7c3655e

add unsafe-eval to CSP for El runtime native_js() compatibility

Dev — Build & local smoke test / build-smoke (pull_request) Successful in 3m9s

Details

El's native_js() compiles to eval(). checkout-auth.el uses native_js()
to embed the auth logic, so all window globals (showSignIn, initStripe,
etc.) live inside an eval call. Stage CSP was blocking it, leaving the
page with no auth functions defined.

2026-05-11 11:40:05 -05:00

add unsafe-eval to CSP (El native_js compatibility) #88

1 Commits