Thread: Change Log
Content Security Policy (CSP)
This is a security feature which prevents Cross-site Scripting attacks.
Browsers will only execute JavaScript from trusted sources and reject to execute inline Javascript.
The XSS attacks are not a fantasy scenario, ModularGrid is probed by lots of bots every hour.
We had a self made protection from the beginning but this is the official solution.
Side effect: lot's of JavaScript had to be moved/rewritten, so it is possible that one or two functions are broken.
Beep, Bopp, Bleep: info@modulargrid.net