CSP issue with Kendo Editable Popup from Editor Templets

0 Answers 25 Views

Grid

Ashok asked on 27 Nov 2025, 09:08 AM | edited on 27 Nov 2025, 09:25 AM

Hi,

I as using Editor Templates for Custom Editable popup window in Kendo grid and I have to configure CSP header "script-src 'self'". I am able to open the editable popup window but getting below error. I was thinking this is due to using Editor Templates. Can you please help to solve this. If not possible any other approach to fix this.

I am using Telerik Kendo 2025.3.825 version

"Executing inline script violates the following Content Security Policy directive 'script-src 'self' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com'. Either the 'unsafe-inline' keyword, a hash ('sha256-+x7Aqy5UP8GiQGBhhjEJzGrnw0mBj6s2jbzcAjtk9C0='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked."

Nikolay

commented on 01 Dec 2025, 02:38 PM

Hi Ashok,

To make the Editor CSP compatible, set its Nonce and UnsafeInline as explained in the following documentation section: https://www.telerik.com/kendo-jquery-ui/documentation/controls/editor/overview#csp-compliance

For example:

$("#editor").kendoEditor({
     nonce: "kendoNonce",
     unsafeInline: false
});

Regards,

Nikolay

CSP issue with Kendo Editable Popup from Editor Templets

No answers yet. Maybe you can help?