id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
10540	"Do not use eval because it violates Content Security Policy (""unsafe-inline"")"	Piotrek Koszuliński		"Reported on GitHub: https://github.com/ckeditor/ckeditor-dev/commit/321ddbbe74a

We use eval in env.js and a function constructor in templates. Worth checking if we're not using setTimeout or setInterval with string somewhere in older code."	Bug	closed	Normal		General		duplicate