parse-community
Twitter login fails because 'unsafe-eval' is not an allowed source of script
New Issue Checklist
- [x] I am not disclosing a vulnerability.
- [x] I am not just asking a question.
- [x] I have searched through existing issues.
- [ ] I can reproduce the issue with the latest version of Parse Server and the Parse Android SDK.
Issue Description
java.lang.RuntimeException: Error in evaluationEvaluation: status: 13 value: {message=Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src https://abs.twimg.com https://abs-0.twimg.com https://twitter.com https://mobile.twitter.com". } hasMessage: true message: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src https://abs.twimg.com https://abs-0.twimg.com https://twitter.com https://mobile.twitter.com".
Steps to reproduce
Actual Outcome
Expected Outcome
Environment
Parse Android SDK
- SDK version: 2.0.5
- Operating system version: Android 9
Server
- Parse Server version: v3.6.0
- Operating system:
FILL_THIS_OUT - Local or remote host (AWS, Azure, Google Cloud, Heroku, Digital Ocean, etc):
FILL_THIS_OUT
Database
- System (MongoDB or Postgres):
FILL_THIS_OUT - Database version:
FILL_THIS_OUT - Local or remote host (MongoDB Atlas, mLab, AWS, Azure, Google Cloud, etc):
FILL_THIS_OUT
Logs
Thanks for opening this issue!
-
❌ Please check all required checkboxes at the top, otherwise your issue will be closed.
-
⚠️ Remember that a security vulnerability must only be reported confidentially, see our Security Policy. If you are not sure whether the issue is a security vulnerability, the safest way is to treat it as such and submit it confidentially to us for evaluation.
![parse-github-assistant[bot] avatar](https://avatars.githubusercontent.com/in/136195?v=4 "Published by a pub.dev verified publisher"){kind=small}