starred/devtools-detector
1
0
Fork 0
mirror of https://github.com/AEPKILL/devtools-detector.git synced 2026-04-27 07:25:48 +03:00
Code Issues 6 Projects Releases 1 Packages Wiki Activity

[GH-ISSUE #72] Can't use it with helmet.js. #144

New issue
Closed
opened 2026-03-13 17:25:48 +03:00 by kerem · 1 comment
kerem commented 2026-03-13 17:25:48 +03:00
Owner
Copy link

Originally created by @opium-papi on GitHub (Jul 6, 2024).
Original GitHub issue: https://github.com/AEPKILL/devtools-detector/issues/72

Originally assigned to: @AEPKILL on GitHub.

Uncaught (in promise) EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' *.jsdelivr.net *.google.com *.googleapis.com *.unpkg.com *.gstatic.com *.googletagmanager.com *.gstatic.com *.jquery.com *.stripe.com 'nonce-T4L0hhBgQhfH42hznQgJeb=='".

    at Function (<anonymous>)
    at Object.<anonymous> (devtools-detector.js:1853:34)
    at devtools-detector.js:1833:29
    at Object.next (devtools-detector.js:1841:19)
    at devtools-detector.js:1749:43
    at new Promise (<anonymous>)
    at o (devtools-detector.js:1723:20)
    at Object.isOpen (devtools-detector.js:1848:20)
    at t.<anonymous> (devtools-detector.js:785:48)
    at devtools-detector.js:702:29

That's the error I get because I want to prevent eval() on my site, using helmet.js. But it seems like the script uses eval. Am I forced to disable my protection measures to use this script? Is there an alternative.

Originally created by @opium-papi on GitHub (Jul 6, 2024). Original GitHub issue: https://github.com/AEPKILL/devtools-detector/issues/72 Originally assigned to: @AEPKILL on GitHub. ```js Uncaught (in promise) EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' *.jsdelivr.net *.google.com *.googleapis.com *.unpkg.com *.gstatic.com *.googletagmanager.com *.gstatic.com *.jquery.com *.stripe.com 'nonce-T4L0hhBgQhfH42hznQgJeb=='". at Function (<anonymous>) at Object.<anonymous> (devtools-detector.js:1853:34) at devtools-detector.js:1833:29 at Object.next (devtools-detector.js:1841:19) at devtools-detector.js:1749:43 at new Promise (<anonymous>) at o (devtools-detector.js:1723:20) at Object.isOpen (devtools-detector.js:1848:20) at t.<anonymous> (devtools-detector.js:785:48) at devtools-detector.js:702:29 ``` That's the error I get because I want to prevent eval() on my site, using helmet.js. But it seems like the script uses eval. Am I forced to disable my protection measures to use this script? Is there an alternative.
kerem 2026-03-13 17:25:48 +03:00
  • closed this issue
  • added the
    bug
         label
kerem commented 2026-03-13 17:26:11 +03:00
Author
Owner
Copy link

@AEPKILL commented on GitHub (Jul 12, 2024):

Fixed, please install the latest version.

<!-- gh-comment-id:2224959968 --> @AEPKILL commented on GitHub (Jul 12, 2024): Fixed, please install the latest version.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v2.0.14
v2.0.2
v2.0.1
Labels
Clear labels   
bug

   
bug

   
enhancement

   
help wanted

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
wontfix
No labels
bug
bug
enhancement
help wanted
pull-request
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/devtools-detector#144
No description provided.