Modernizr Causes Content Security Policy (CSP) Violation Errors

Question

I am attempting to use the new Content Security Policy (CSP) HTTP headers on a test site. When I use CSP in conjunction with Modernizr I get CSP violation e

Answer 1

I found a fix without having to use unsafe-inline.

You can modify the unminimized Modernizr at one line:

fakeBody = body || document.createElement('body');

convert to

fakeBody = document.createElement('body');

works on IE9, Firefox, and Chrome.