Welcome to the Java Programming Forums

The professional, friendly Java community. 21,500 members and growing!

The Java Programming Forums are a community of Java programmers from all around the World. Our members have a wide range of skills and they all have one thing in common: A passion to learn and code Java. We invite beginner Java programmers right through to Java professionals to post here and share your knowledge. Become a part of the community, help others, expand your knowledge of Java and enjoy talking with like minded people. Registration is quick and best of all free. We look forward to meeting you.

Members have full access to the forums. Advertisements are removed for registered users.

Results 1 to 1 of 1

Thread: How can I remove unsafe-inline from csp header and make the inline scripts work?

LinkBack
- LinkBack URL
- About LinkBacks
- Bookmark & Share
- Digg this Thread!
- Bookmark in Technorati
Thread Tools
Display
- Linear Mode
- Switch to Hybrid Mode
- Switch to Threaded Mode

October 5th, 2023, 07:45 AM #1
IshitaNair

View Profile

View Forum Posts

Private Message

View Blog Entries

View Articles
Junior Member

Join Date

Oct 2023

Posts

1

Thanks

0

Thanked 0 Times in 0 Posts
How can I remove unsafe-inline from csp header and make the inline scripts work?

I have a spring web mvc application which uses jsp pages to render screens. It’s an old application and uses a lot of inline scripts. Recently we came across a vulnerability which is being caused due to ‘unsafe-inline- in the csp header. I tried the below 2 approach to resolve this-
1. I tried moving the functions in scripts to external js files. However not all inline scripts can be removed and requires a major update of code.
2. I tried using nonce by generating a secure nonce value and adding it in csp header as well as the jsp script tags. However all the event handlers still don’t work.

I am not sure what else can be done to resolve this issue. Can someone help with alternative solutions?
Reply With Quote

« Ancient Java program freezes when using java MainFunctionClass but runs in debugger after breakpoint | Netbeans & Hibernate Issues »

Similar Threads

inline function

By ami in forum Other Programming Languages

Replies: 1
Last Post: September 30th, 2021, 05:41 AM
how to work wsimport for this WSDL i get errors and i cant make it work

By pato.llaguno in forum Java Networking

Replies: 3
Last Post: January 26th, 2014, 11:51 PM
how to work wsimport for this WSDL i get errors and i cant make it work

By pato.llaguno in forum What's Wrong With My Code?

Replies: 6
Last Post: January 24th, 2014, 05:27 PM
[SOLVED] Question about inline code segment

By brighamandrew in forum Java Theory & Questions

Replies: 2
Last Post: September 1st, 2011, 04:40 AM
Unable to export chinese character in excel use ExcelCSVPrinter file open inline brow

By palanijava in forum Member Introductions

Replies: 1
Last Post: April 7th, 2011, 07:01 AM

Tags for this Thread

View Tag Cloud

All times are GMT -5. The time now is 03:13 AM.

Thread: How can I remove unsafe-inline from csp header and make the inline scripts work?

LinkBack

Thread Tools

Display

How can I remove unsafe-inline from csp header and make the inline scripts work?

Similar Threads

inline function

how to work wsimport for this WSDL i get errors and i cant make it work

how to work wsimport for this WSDL i get errors and i cant make it work

[SOLVED] Question about inline code segment

Unable to export chinese character in excel use ExcelCSVPrinter file open inline brow

Tags for this Thread