CSP/require-trusted-types/lazy-loading error

[EvanBor]

🐞 bug report

Affected Package

The issue is caused by package @angular/core

Is this a regression?

No

Description

CSP require-trusted-types rule for 'script' with trusted-types angular angular#unsafe-bypass blocks module lazy-loading

🔥 Exception or Error

Uncaught (in promise): TypeError: Failed to set the 'src' property on 'HTMLScriptElement': This document requires 'TrustedScriptURL' assignment.
TypeError: Failed to set the 'src' property on 'HTMLScriptElement': This document requires 'TrustedScriptURL' assignment.

🌍 Your Environment

Angular Version:

Angular CLI: 11.1.2
Node: 14.15.4
OS: darwin x64

Angular: 11.1.1
... animations, cdk, common, compiler, compiler-cli, core, forms
... platform-browser, platform-browser-dynamic, router
Ivy Workspace: Yes

Package                         Version
---------------------------------------------------------
@angular-devkit/architect       0.1101.2
@angular-devkit/build-angular   0.1101.2
@angular-devkit/core            11.1.2
@angular-devkit/schematics      11.1.2
@angular/cli                    11.1.2
@schematics/angular             11.1.2
@schematics/update              0.1101.2
rxjs                            6.6.3
typescript                      4.1.3

[alan-agius4]

I'm sorry, but this issue is not caused by Angular CLI.

Webpack, which is the bundler used by the Angular CLI, doesn’t support trusted types, hence this is not actionable from our end.

Please file an issue in their issue tracker.

[angular-automatic-lock-bot]

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

Read more about our automatic conversation locking policy.

_{This action has been performed automatically by a bot.}