javascript - CSP unsafe-eval using Google Maps API -

-

getting script-src 'unsafe-eval' error when trying use google maps' api.

<script src="https://maps.googleapis.com/maps/api/js?v=3.exp&sensor=false"></script>

here's console error:

uncaught evalerror: refused evaluate string javascript because 'unsafe-eval' not allowed source of script in following content security policy directive: "script-src 'self' ' *.gstatic.com *.googleapis.com *.google-analytics.com *.google.com".

you think google wouldn't have unsafe-eval triggers in libraries. incase side code below:

js

function initialize() {     // create map.      var mapoptions = {         zoom: 4,         center: new google.maps.latlng(37.09024, -95.712891),         maptypeid: google.maps.maptypeid.roadmap,         zoomcontrol: true,         streetviewcontrol: false     };      var map = new google.maps.map(document.getelementbyid('map-canvas'),         mapoptions);      google.maps.event.addlistener(map, "click", function (e) {          var marker = new google.maps.marker({               draggable: true,               raiseondrag: false,               map: map,               position: e.latlng         });          var radius = math.pow(2, (20 - map.getzoom())) * 3;         if (radius < 100) {             radius = 100;         }          var circle = new google.maps.circle({             map: map,             editable: true,             radius: radius,             fillcolor: '#0159e5',             strokecolor: '#0159e5',             strokeweight: 1,             geodesic: true         });          circle.bindto('center', marker, 'position');          google.maps.event.addlistener(circle, 'radius_changed', function() {             if (circle.getradius() < 100){                 circle.setradius(100);             }         });          //set form fields         document.getelementbyid("geo-fence-lat").value = marker.getposition().lat();         document.getelementbyid("geo-fence-long").value = marker.getposition().lng();         document.getelementbyid("geo-fence-radius").value = math.ceil(radius/100)*100;          google.maps.event.clearlisteners(map, "click");          addlisteners(circle);     });   }

any fixes or ideas gmaps alternatives appreciated.

edit: these offending lines in chrome. found in maps.gstatic.com maps-api-v3/api/js/21/2/main.js. 

kh.main = function(a) {     eval(a) }; fg("main", {});  function ql(a) {     return o(eval, k, "window." + + "()") }

looks it's been mostly fixed in google maps 3.23 - see issue 4201

there still instances of eval in code - eval('document.namespaces') inside of try blocks (see: related closure fix)


Comments

Post a Comment

Popular posts from this blog

python - TypeError: start must be a integer -

-
i trying draw 5 turtles, getting typeerror on line 25. here code: import turtle wn = turtle.screen() redrose = turtle.turtle() color = input("what background color be?") fillcolor_f = input("what color of rose be?") redrose.hideturtle() redrose.speed(30) redrose.penup() redrose.left(180) redrose.forward(175) redrose.right(90) redrose.forward(30) redrose.right(90) redrose.pendown() def drawrose(red): redrose.color("pink") redrose.fillcolor(fillcolor_f) redrose.fill(true) in range(red): redrose.forward(i) redrose.right(49) in range(5): drawrose(redrose) redrose.penup() redrose.forward(350) redrose.right(144) redrose.pendown() redrose.fill(false) drawrose(50) wn.bgcolor(color) i trying draw 5 roses, produces errors. doing in interactivepython.org. you recursively calling drawrose wrong parameter. on line 23 ( for in range(red): ) expect red integer...
Read more

c# - DevExpress RepositoryItemComboBox BackColor property ignored -

-
i have following code almost works properly; private void cbstatus_drawitem(object sender, listboxdrawitemeventargs e) { string item = e.item string; if (item != null) { switch (item) { case "1": e.appearance.forecolor = color.green; e.appearance.backcolor = color.green; break; case "2": e.appearance.forecolor = color.orange; e.appearance.backcolor = color.orange; break; case "3": e.appearance.forecolor = color.red; e.appearance.backcolor = color.red; break; } } } when dropdown shown, items forecolor correct, backcolor remains whatever backcolor of theme is; i.e. if i've got set dark theme, backcolor dark, cells in gridview, rather being green/orange/red. i've tried setting e.appearance.options.usebackcolor trying set e....
Read more

django - Creating multiple model instances in DRF3 -

-
1) create multiple model instances 1 api call, asked here: how create multiple model instances django rest framework? tried solution named in link, no success. i trying upload multiple files in 1 api call. result: files uploaded (only once overwrote perform_create) 1 instance created (if send 2 files, latter created instance). my code: class fileuploadserializer(serializers.modelserializer): def __init__(self, *args, **kwargs): many = kwargs.pop('many', true) super(fileuploadserializer, self).__init__(many=many, *args, **kwargs) class meta: model = fileupload read_only_fields = ('created', 'datafile', 'owner') class fileuploadviewset(viewsets.modelviewset): queryset = fileupload.objects.all() serializer_class = fileuploadserializer parser_classes = (multipartparser, formparser, ) def perform_create(self, serializer): file_list = self.request.data.getlist('file') ...
Read more