Content Security Policy (CSP)
Content Security Policy (CSP) is an optional security feature built into modern browsers. It lets you set limits on the browser, such as the locations where it can load scripts from, by sending a Content-Security-Policy response header.
If you use Content Security Policy on your site, the following restrictions affect your use of JSNLog:
- unsafe-eval - jsnlog.js does not use eval, or versions of setTimeout and setInterval that take strings. So there is no need to use unsafe-eval to make your use of JSNLog compliant with CSP.
your page in a
variety of ways
If you use ASP.NET MVC, one of these ways is via the Configure method
This means that JSNLog is CSP compliant, except if you use the Configure method.