ES5 build breaks violates CSP for unsafe-eval #192
Comments
|
Hey there! Thanks for the report on this. I've been trying to refactor all the package builds to use There is a es6 module packaged in https://unpkg.com/browse/analytics@0.7.11/lib/ will that work for your application? |
|
Looks like this is an ongoing issue for the regenerator polyfill facebook/regenerator#378 |
|
It looks like everything in lib is still being transpiled to include the regeneratorRuntime, so I'm still getting errors: grep -c regenerator node_modules/@analytics/core/lib/*.js Am I missing something? |
|
I'm also experiencing this issue - and it doesn't seem like any of the proposed solutions are working - I'm using the latest |
|
Just updated all of the build deps. Can ya'll try again with latest I'm hoping this fixes the issue |
The current ES5-friendly build distributed through NPM breaks content security policies due to the reliance on regeneratorRuntime to replace async/await functions. This breaks chrome extensions, even those that follow the suggestions to set checkProtocolTask et al to null. Would it be possible to include two builds in the dist - one for modern browsers (e.g. es6+) and one for legacy browsers (e.g. es5)? This was the solution used by pdf.js:
mozilla/pdf.js#11036
this of course sources from the es5 build:
https://unpkg.com/browse/analytics@0.7.11/dist/analytics.js
The text was updated successfully, but these errors were encountered: