Firefox17 and CSP - inline broken?

We noticed CSP parsing changed in Firefox17 (our header stopped working) and we saw https://bugzilla.mozilla.org/show_bug.cgi?id=737064

Any attempts at allowing inline scripts does not work for us.

Anyone else having this issue?

Example that's failing and resulting in 'CSP WARN: Directive inline script base restriction violated' console errors:

x-content-security-policy: default-src *;script-src https://*.facebook.com http://*.facebook.com 'unsafe-inline' 'unsafe-eval'

Thanks

Received on Thursday, 6 December 2012 00:13:07 UTC