We tried to apply the updated policies also to our Bitbucket Cloud connect apps.
However, it seems that Bitbucket Cloud Connect library itself uses eval(), preventing us
from using a Content-Security-Policy without ‘unsafe-eval’.
More details: Bitbucket Connect Library uses .eval(), preveting to use CSP without 'unsafe-inline' as required
2 Likes