I am using
Error: call to eval() blocked by CSP nicEdit.js:779:36
scriptSrc: ["'self'", "'unsafe-inline'"]
If you really need to use
nicEditor which contains
eval (which is probably not a good idea in the first place), you can add the following directive:
I would really, really, recommend that you simply use a different editor which doesn't rely on
eval though. It really is a security risk in most cases.
If you need an alternative, have a look at ProseMirror for example.