Home App Docs Blog Github

Button Click JavaScript Click


I have a javascript element action that I need to run when a button is clicked. I have created the onclick action on the button and added the necessary JS code to be triggered. My site has a content security policy configured and it appears that when the button is clicked builder tries to execute the JS and attempts to evaluate the JS string as a script. This is blocked by the CSP as string to code evaluation is very insecure.

How can I get around this without explicitly allowing unsafe-eval? Why are JS resources not served from your CDN which could added to my script-src in the CSP?

Stack is Angular 10 with SSR.


Just wanted to follow up here. Anyone have an idea?

Hi @spm922, I know there’s an existing conversation in GitHub, so I’m going to post the link to that conversation here: Unable to Execute JavaScript Action · Issue #423 · BuilderIO/builder · GitHub