Showing posts with label Content Security Policy. Show all posts
Showing posts with label Content Security Policy. Show all posts

Wednesday, November 21, 2018

Kendo UI Invalid template message

Just in case you'll get:

Invalid template:'<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dcmitype="http://purl.org/dc/dcmitype/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><dc:creator>${creator}</dc:creator><cp:lastModifiedBy>${lastModifiedBy}</cp:lastModifiedBy><dcterms:created xsi:type="dcterms:W3CDTF">${created}</dcterms:created><dcterms:modified xsi:type="dcterms:W3CDTF">${modified}</dcterms:modified></cp:coreProperties>' Generated code:'var $kendoOutput, $kendoHtmlEncode = kendo.htmlEncode;with(data){$kendoOutput='<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\r\n<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dcmitype="http://purl.org/dc/dcmitype/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><dc:creator>'+($kendoHtmlEncode(creator))+'</dc:creator><cp:lastModifiedBy>'+($kendoHtmlEncode(lastModifiedBy))+'</cp:lastModifiedBy><dcterms:created xsi:type="dcterms:W3CDTF">'+($kendoHtmlEncode(created))+'</dcterms:created><dcterms:modified xsi:type="dcterms:W3CDTF">'+($kendoHtmlEncode(modified))+'</dcterms:modified></cp:coreProperties>';}return $kendoOutput;' 

With firefox I got the message 'Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”).'

So in your Content Security Policy policy add 'unsave-eval' to the script-src.

Cheers,
L