Hello,
I am currently testing the feasibility of using Hoops Communicator on Electron.
I am using the code from the following repository:
For security purposes, I added the following CSP (Content-Security-Policy) settings in the index.html file, but I encountered an error:
<meta
http-equiv="Content-Security-Policy"
content="script-src 'self' 'unsafe-inline';"
/>
I found that the ‘unsafe-inline’ setting blocks all functions defined as strings, such as eval() and new Function(). When I changed it to ‘unsafe-eval’, the viewer worked correctly, but this may introduce security issues.
Is there a way to use Hoops Communicator while maintaining security?
Any help would be appreciated.
Thanks.