Topic: Remove eval functions from code
If Content-Security-Policy does not allow eval then Firefox will block whole js script file from loading, means all of mdb.js is not loaded!
Eval is a big security risk and should not be used. The try{}catch{} does not do anything when the js file is not loaded at all.
try {
// This works if eval is allowed (see CSP)
g = g || Function("return this")() || (1, eval)("this");
} catch (e) {
// This works if the window reference is available
if ((typeof window === "undefined" ? "undefined" : _typeof(window)) === "object") g = window;
}
Add comment
After every MDB update I have to remove those eval functions manually. This is annoying. 
Closed
This topic is closed.
FREE CONSULTATION
Hire our experts to build a dedicated project. We'll analyze your business requirements, for free.
Status
Closed
Specification of the issue
- ForumUser: Pro
- Premium support: No
- Technology: MDB jQuery
- MDB Version: 4.5.13
- Device: PC
- Browser: Firefox 62.0.3 (64-Bit)
- OS: Windows 10
- Provided sample code: No
- Provided link: No