SecurID prompt does not appear using Chrome and Firefox after adding a Security Policy on RSA Agent 8.0.3 for Apache web server
Originally Published: 2020-10-16
Article Number
Applies To
RSA Product/Service Type: Authentication Agent for Web
RSA Version/Condition: 8.0.1 for Apache Web Server
Platform: Linux
O/S Version: Red Hat Linux 7.3
Issue
Header always set Content-Security-Policy "script-src 'self'; object-src 'self'" and user launches the Token Authentication page in Chrome or Mozilla, the page is blank with below error reported in the browser:
Refused to evaluate a string as JavaScript because 'unsafe-inline' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'". and relaxing the unsafe-inline policy as below able to go to the authentication page,
Header always set Content-Security-Policy "script-src 'self' 'unsafe-inline'; object-src 'self'"
but after entering the token credentials and submit, again error occurs stating to allow unsafe-eval,. Below is the error in console:
Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'".
Cause
Resolution
Related Articles
Increasing the number of connections from RSA Authentication Agent 7.3.x for Windows to a Windows platform with RDP Number of Views Adding a Global Catalog to RSA Authentication Manager 8.x Number of Views Remote Desktop Protocol Vulnerability MS12-020 Number of Views How does Remote Desktop handle Smart card and NLA? Number of Views Authentication Issues Using A Third-Party RDP Client And RSA Authentication Agent 7.3.3 for Windows Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
