Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CSP discourages inline styles #162

Open
dargmuesli opened this issue Oct 6, 2016 · 2 comments
Open

CSP discourages inline styles #162

dargmuesli opened this issue Oct 6, 2016 · 2 comments
Labels
Improvement

Comments

@dargmuesli
Copy link

With Content Security Policy enabled and no unsafe-inline in style-src, waves are not displayed and as a csp violation (report) is triggered.
Currently I don't see a practical way to a solution because neither hash-sources nor nonce-sources can be used with dynamically generated style attributes in the current form. I seriously hope that there is a possibility to work around this issue without making anything unsafe!
@fians
Copy link
Owner

fians commented Mar 13, 2017

I will work on this.

@dargmuesli
Copy link
Author

It's now one year later. What is the status on this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Improvement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fians @dargmuesli