skip navigation

Product Bundles
DevCraft
All Telerik .NET tools and Kendo UI JavaScript components in one package. Now enhanced with:
NEW: Design Kits for Figma
Online Training
Document Processing Library
Embedded Reporting for web and desktop
Web
Kendo UI UI for jQuery UI for Angular UI for React UI for Vue UI for Blazor UI for ASP.NET Core UI for ASP.NET MVC UI for ASP.NET AJAX
Mobile
UI for .NET MAUI UI for Xamarin
Document Management
Telerik Document Processing
Desktop
UI for .NET MAUI UI for WinUI UI for WinForms UI for WPF
Reporting
Telerik Reporting Telerik Report Server
Testing & Mocking
Test Studio Test Studio Dev Edition Telerik JustMock
CMS
Sitefinity
UI/UX Tools
ThemeBuilder Design System Kit Templates and Building Blocks
Debugging
Fiddler Fiddler Everywhere Fiddler Classic FiddlerCap FiddlerCore
Free Tools
VB.NET to C# Converter Testing Framework
View all products

Overview
Docs & Demos
Get Started
Support and Learning
Support and Learning Hub
First Steps
Virtual Classroom
Forums
Feedback Portal
Accessibility and Security
Submit a Ticket
Trust Center
FAQs
Resources
Resources Hub
Docs & Demos
Videos
Blogs
What’s New
Roadmap
Release Notes
Productivity and Design Tools
ThemeBuilder
Design System Documentation
Visual Studio Code Extensions
Embedded Reporting
Pricing

Shopping cart
Login
Try now

Telerik Forums / KendoReact

Content Security Policy violation in kendo-drawing package

1 Answer 76 Views

Charts Drawing Security

Jason

Top achievements

Rank 1

Jason asked on 09 Jan 2023, 03:07 PM

I'm attempting to use kendo-charts but when applying a strict content security policy there are many CSP violations regarding style-src.

This appears to be related to the file render-svg.js, in particular the attempt to set innerHTML:

var renderSVG = function(container, svg) {
    container.innerHTML = svg;
};

Is there any way to avoid this? We cannot set 'unsafe-inline' for the entire application.

Thanks.

1 Answer, 1 is accepted

Sort by

0

Filip

Telerik team

answered on 11 Jan 2023, 07:58 AM

Hello, Jason,

Thank you for reaching out to us.

We reached out to the development team and it seems that we have fixed this issue, once the new version is released next week (on the 18th of January) this issue will be resolved.

I hope this helps.

Regards,
Filip
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.

Drag and drop files here or browse to attach...

Browse for files to attach...

Supported file types: PNG, JPG, JPEG, ZIP, RAR, TXT. Max total file size - 20MB.

Tags

Charts Drawing Security

Asked by

Jason

Top achievements

Rank 1

Answers by

Filip

Telerik team

Share this question

or

Complete .NET Toolbox

Telerik DevCraft

Complete JavaScript Toolbox

Get Products

Free Trials
Pricing

Resources

Demos
Documentation
Release History
Forums
Blogs
Webinars
Videos
Professional Services
Partners
Virtual Classroom
Events
FAQs

Recognition

Success Stories
Testimonials

Get in touch

Contact Us
- 165k+
- 50k+
- 17k+
- 4k+
- 14k+

Contact Us
- 165k+
- 50k+
- 17k+
- 4k+
- 14k+

Telerik and Kendo UI are part of Progress product portfolio. Progress is the leading provider of application development and digital experience technologies.

Company
Technology
Awards
Press Releases
Media Coverage
Careers
Offices

Company
Technology
Awards
Press Releases
Media Coverage
Careers
Offices

Copyright © 2024 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.

Progress and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.

Terms of Use
Site Feedback
Privacy Center
Trust Center

Do Not Sell or Share My Personal Information

Powered by Progress Sitefinity