regression introduced in version 1.9.4

  • Resolved manu24max

    (@manu24max)


    5 days, 20 hours ago

    Hello SureMail team,

    I’m reporting a regression introduced in version 1.9.4 that causes the dashboard to display as a completely blank white screen.

    Issue:
    After updating to 1.9.4, the SureMail dashboard no longer renders. The browser console shows the following Content Security Policy (CSP) error:

    “Content Security Policy of your site blocks the use of ‘eval’ in JavaScript”
    Directive: script-src — Status: blocked

    Root cause:
    It appears that the internal libraries updated in 1.9.4 now use eval() (or equivalent such as new Function(), setTimeout([string]), etc.), which is blocked by strict CSP headers. This was not an issue in version 1.9.3.

    Steps to reproduce:

    1. Install or update to SureMail 1.9.4
    2. Have a Content Security Policy with a strict script-src directive (no unsafe-eval)
    3. Navigate to the SureMail dashboard → blank white screen

    Expected behavior:
    The dashboard should render correctly regardless of CSP strictness, as it did in v1.9.3.

    Workaround:
    Rolling back to version 1.9.3 resolves the issue.

    Please consider fixing the use of eval() in the updated libraries, or documenting the CSP requirement if unsafe-eval is now needed.

    Thank you for your work on this plugin.

Viewing 1 replies (of 1 total)
  • Plugin Support BSFNamrata

    (@namratabsf)

    5 days, 10 hours ago

    Hello @manu24max ,

    Thank you for sharing such detailed insights.

    Could you please open a support ticket by emailing us at support@suremails.com?

    This will allow us to thoroughly review the issue, make necessary changes, and provide you with a development ZIP for further review.

    We look forward to assisting you further.

    Best regards,
    Namrata

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.