Hello, if I set Content Security Policy on the server and open some eg. view to edit (url: some-view/edit), it will be directly redirected to URL: /preview/page, where are no data to edit, just output will be shown.
So, I found, that the problem is in jQuery plugin (if JQuery Update is installed: /jquery_update/replace/jquery/1.10/jquery.min.js?v=1.10.2 or if not installed: /misc/jquery.js?v=1.4.4), in this line: s.innerHTML=c[1]+o.replace(vt,"<$1>")+c[2],i=c[0];while(i--)s=s.lastChild;if(!x.support.leadingWhitespace&&yt.test(o)&&d.push(t.createTextNode(yt.exec(o)[0])),!x.support.tbody){o="table"!==l||xt.test(o)?"
"!==c[1]||xt.test(o)?0:s:s.firstChild,i=o&&o.childNodes.length;while(i--)x.nodeName(u=o.childNodes[i],"tbody")&&!u.childNodes.length&&o.removeChild(u)}x.merge(d,s.childNodes),s.textContent="";while(s.firstChild)s.removeChild(s.firstChild);s=f.lastChild}else d.push(t.createTextNode(o));s&&f.removeChild(s),x.support.appendChecked||x.grep(Ft(d,"input"),Bt),h=0;while(o=d[h++])if((!r||-1===x.inArray(o,r))&&(a=x.contains(o.ownerDocument,o),s=Ft(f.appendChild(o),"script"),a&&_t(s),n)){i=0;while(o=s[i++])kt.test(o.type||"")&&n.push(o)}return s=null,f},cleanData:function(e,t){var n,r,o,a,s=0,l=x.expando,u=x.cache,c=x.support.deleteExpando,f=x.event.special;for(;null!=(n=e[s]);s++)if((t||x.acceptData(n))&&(o=n[l],a=o&&u[o])){if(a.events)for(r in a.events)f[r]?x.event.remove(n,r):x.removeEvent(n,r,a.handle);
because the Conten Security Policy blocked it as inline-script, wich are per default not allowed, as it is a meaning of CSP to use.
The CSP (Content Security Policy ) was set from me to allow scripts form self server, and some external source like google, twitter. The all javascripts are combined and output as some internal js-files, so allowed. But I think, the CSP blocked this line as some inline-script. Would you help me to fix it? Thanks
