Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to the distribution of malware. For more information, check out this article on the Mozilla Developer Network.
HOOPS Communicator is compatible with CSP, however, because we use WebAssembly, there are some special setup requirements.
Once you’ve configured CSP on your web server and you’ve added policy directives to your web page, you’re going to see this error:
To clear this error, you’re going to need to add the following policy:
1<meta http-equiv="Content-Security-Policy" content="script-src 'wasm-unsafe-eval'">