Hey
Which value do I have to give the Content Security Header in order to make Infragistics ASP.NET components work e.g. the WebDatePicker.
Thanks in advance.
Hello Pieterjan,
Thank you for contacting us.
Could you share with us what error do you get? Please provide as much details as possible.
I am looking forward to hearing from you.
Best Regards, Tihomir IlievSoftware DeveloperInfragistics, Inc.
I understood, I will test your scenario and I will get back to you with my findings.
I am also facing the same problem with below content-security-policy the Infragistics controls are working fine in IE browser but when switched to Chrome browser , its not rendering correctly and not working. I want the list of values by which the Infragistics controls works correctly in Chrome browser also.
<add name="Content-Security-Policy" value="default-src 'self'; script-src 'self' ; style-src 'self'; img-src 'self'; font-src 'self';connect-src 'self';child-src 'self';form-action 'self';block-all-mixed-content;" />
Is this problem of requiring script-src unsafe-eval only for WebForms?
Hello,
Thank you for your patience.
Our controls use inline script elements as well as eval(). Your CSP configuration should look like this:
<add name="Content-Security-Policy" value="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self'; font-src 'self';connect-src 'self';child-src 'self';form-action 'self';block-all-mixed-content;" />
Please let us know if you need further assistance.