stops processing Content Security Policy on 

External Issue #6728569


Mar 1, 2016
This issue is public.
Reported by 0 people

Sign in to watch or report this issue.

Steps to reproduce


Repro Steps:

  1. Create and HTML page with inline javascript
  2. Set the CSP for the site to default-src ‘self’ 
 script-src ‘self’ 'unsafe-inline’;
  3. View page and see the message in the console.

Expected Results:

Edge should process and enforce the whole CSP, or complain that the CSP is invalid.

Actual Results:

Dev Channel specific:



0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “Kamen M.”

      Changed Assigned To to “wwatri”

      Changed Assigned To from “wwatri” to “Liang Z.”

      Changed Status to “Confirmed”

      Changed Assigned To to “Ivan P.”

      Changed Assigned To from “Ivan P.” to “Matthew C.”

      Changed Assigned To from “Matthew C.” to “IE S.”

      Changed Status from “Confirmed” to “External”

      Changed Assigned To from “IE S.” to “Steven K.”

    • We were not able to repro this issue in the latest Edge releases.  Please try to repro this issue in a current version and let us know if you experience the same issue.

      Your feedback is extremely helpful as it helps us to improve the quality of Microsoft Edge. We continue to welcome more feedback and look forward to hearing from you again soon.
      Best regards,

      The MS Edge Team

    You need to sign in to your Microsoft account to add a comment.

    Sign in