Skip to content

Library does not work under strict Content-Security-Policy #26

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Seaviello opened this issue Sep 22, 2020 · 2 comments
Closed

Library does not work under strict Content-Security-Policy #26

Seaviello opened this issue Sep 22, 2020 · 2 comments

Comments

@Seaviello
Copy link

Because of the following code:

var crypto = eval("require('crypto')");
var Buffer = eval("require('buffer').Buffer");

library does not work, when the Content-Security-Policy does not include unsafe-eval.
@vovacodes vovacodes mentioned this issue Nov 20, 2021
Closed
@Tarnadas Tarnadas mentioned this issue Feb 15, 2022
Open
@gruve-p gruve-p mentioned this issue Feb 24, 2022
Closed
@joestakey joestakey mentioned this issue May 12, 2022
Closed
@ljharb
Copy link

ljharb commented May 12, 2022

Why is eval used at all here?

@brianchitester brianchitester mentioned this issue Jun 16, 2022
Merged
emn178 added a commit that referenced this issue Aug 30, 2023
@emn178
## v0.10.0 / 2023-08-30
bb8ae3a 
### Fixed
- Chrome bug by workaround. #40
- deprecated `new Buffer`, replace with `Buffer.from`. #34
- dependencies and security issues. #32, #36

### Changed
- TypeScript interface, secretKey can be bytes like message. #23, #25
- remove `eval` and use `require` directly. #18, #26
@emn178
Copy link
Owner

emn178 commented Aug 30, 2023

remove eval in v0.10.0

@emn178 emn178 closed this as completed Aug 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ljharb @emn178 @Seaviello