content security policy blocks eval() in dashboard - components not loading. #4
Description
when running the project locally (localhost:3000), the browser throws a content security policy (csp) error related to the use of eval() or similar patterns like new function() or settimeout('[string]'). this seems to be triggered either by a dependency or something in the build setup.
clicking "Start Learning" triggers the "+ Create Flow" button to say "Create" then nothing happens.
how to reproduce
- start the dev server
- go to
localhost:3000/dashboard - open devtools → console
- see the error:
content security policy of your site blocks the use of 'eval' in javascript
env info
- os: Windows 11
- browser: Chrome