Dear Support,
starting with Adobe Commerce 2.4.5-p8, this module is not compliant with new inline script CSP policy.
More informations here:
Module affected: Gigya\GigyaIM
Blocks affected: gigya_customer_form_login, GigyaScript, GigyaModalLogin
Templates: gigya_script.phtml, gigya_login.phtml,
Reason: inclusion of inline scripts is not done through the \Magento\Framework\View\Helper\SecureHtmlRenderer::renderTag method
On installations with CSP Strict Policy activated, the script inclusion is locked and the scripts are not executed.
In browser console: Error: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src
In these conditions, login and registration flow does not work.
Thank you,
Gianluca, Webformat team
Dear Support,
starting with Adobe Commerce 2.4.5-p8, this module is not compliant with new inline script CSP policy.
More informations here:
Module affected:
Gigya\GigyaIMBlocks affected:
gigya_customer_form_login,GigyaScript,GigyaModalLoginTemplates: gigya_script.phtml, gigya_login.phtml,
Reason: inclusion of inline scripts is not done through the
\Magento\Framework\View\Helper\SecureHtmlRenderer::renderTagmethodOn installations with CSP Strict Policy activated, the script inclusion is locked and the scripts are not executed.
In browser console:
Error: Refused to execute inline script because it violates the following Content Security Policy directive: "script-srcIn these conditions, login and registration flow does not work.
Thank you,
Gianluca, Webformat team