Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP FPS
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1
Fixed In:
14.1.0
Opened: May 09, 2018 Severity: 4-Minor
In Pages where CSP is enabled and as a result eval is execution is blocked, there's an option to disable its execution in websafe's javascript.
There's a javascript error, "Content Security Policy: The page's settings blocked the loading of a resource at self ("script-src"). Source: call to eval() or related function blocked by CSP."
Pages where CSP enabled and in particular eval is not allowed.
N/A
A new option via the "Before Load Function" to disable eval in websafe's javascript.