After working for a couple of days, my new (and first) Plumsail form is producing a CSP ‘unsafe-eval’ violation. There is no JavaScript in my form, and it was also generated after I created a new form with a single field.
Loading the script 'https://forms.plumsail.com/widget/1.1.0/sprouter.js ' violates the following Content Security Policy directive: "script-src 'unsafe-eval' https://forms.plumsail.com/webpart/1.0.8.0/
Did something change on your end, or do we have a Script Sources configuration issue on ours?
Kenton
I see Microsoft began enforcing CSP across all tenants on March 1 - I’m sure you know that though.
Margo
March 19, 2026, 3:28am
3
Hello @Kenton_Hensley ,
The error is caused by updates from Microsoft. Please see the instructions on how to resolve it:
Good morning, Margo, thank you, it is working after installation of the latest version.
I presume update notifications are sent to the email associated with the license purchase which isn’t me; can I sign up for them?
Regards,
Kenton
Margo
March 20, 2026, 5:04am
5
Hello @Kenton_Hensley ,
I have added you to our subscription list to receive notifications regarding Plumsail Forms for SharePoint Online.
1 Like