0

I'm trying to create a Chrome Extension to run a setInterval function which will click a button continuously after 5sec. But it clicks the button once and then shows this error

Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src * 'unsafe-inline'".

What should I do to fix this error? I can't show my codes due to some reasons.

Aman Dutt
  • 23
  • 3
  • I think we don't need code to understand the issue. The error message is pretty self-descriptive, which part of it is unclear to you? See https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/setInterval – Teemu Nov 05 '20 at 13:31
  • 1
    CSP counts that setInterval() function is eval-unsafe only with string parameter. To get rid of unsafe-eval you need to use setInterval() with named or anonymous function as parameter - check it here: https://csplite.com/csp/test153/#test . Unfortunately your question closed with refs to wrong answer... – granty Nov 05 '20 at 17:59
  • @granty so should I pass the function in setInterval() to fix this error? – Aman Dutt Nov 06 '20 at 06:30
  • 1
    Yes, pass the function name, if you saw the test above - no eval violations occur. Function name should be passed without single quotes! see another test https://csplite.com/csp/test280/#test of common mistake (setInterval() and SetTimeout() works the same way). I have tested Mozilla's TypeWriter from the first comment of Teemu - it based on setInterval() and does not require any 'unsafe-eval' too. – granty Nov 06 '20 at 08:39
  • @granty thanks a lot – Aman Dutt Nov 07 '20 at 17:06

0 Answers0