neuron-technologies/neuron-web
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

dev → stage: CSP unsafe-eval fix #89

Merged
will.anderson merged 2 commits from dev into stage 2026-05-11 16:45:16 +00:00
Conversation 0 Commits 2 Files Changed 1
+3 -3

2 Commits

Author SHA1 Message Date
will.anderson acca3cfddf Merge pull request 'add unsafe-eval to CSP (El native_js compatibility)' (#88) from fix/stage-ci-paths into dev
Dev — Build & local smoke test / build-smoke (push) Successful in 3m15s
Details 
Merge fix/stage-ci-paths into dev
 2026-05-11 16:44:54 +00:00
will.anderson 90f7c3655e add unsafe-eval to CSP for El runtime native_js() compatibility
Dev — Build & local smoke test / build-smoke (pull_request) Successful in 3m9s
Details 
El's native_js() compiles to eval(). checkout-auth.el uses native_js()
to embed the auth logic, so all window globals (showSignIn, initStripe,
etc.) live inside an eval call. Stage CSP was blocking it, leaving the
page with no auth functions defined.
 2026-05-11 11:40:05 -05:00