Hello,
We need to abide to the strict CSP requirements in our application, but there are a couple of places, particularly in engine.js, where eval() and Function are being used, and we were not able to find a replacement.
For instance, consider this piece of code taken from here :
/** @private Utility to execute incoming scripts */
dwr.engine._executeScript = function(script) {
if (script == null) {
return null;
}
if (script === "") {
dwr.engine._debug("Warning: blank script", true);
return null;
}
// Using Function instead of eval as the latter has memory problems on IE9
(new Function("dwr", script))(dwr);
};
How do we get around it without using Function or eval() ?
Thanks.