-
### Describe the bug
Ruffle has inline styles that it applies to the HTML side of the renderer. If the page's content security policy prevents this (usually with an error like this: `Refused to apply…
-
Textpattern 4.9dev, plugin version:4.9.0-beta.
Relevant CSP setting: `script-src-elem 'strict-dynamic' ''`
Add a honeypot field to the form: ``
The script block as inserted
```
documen…
-
Not sure if this is even possible, but I thought it is worth to ask.
When calling `shinyjs::useShinyjs`, many functions are injected inline in the UI. This is a problem when implementing a strict …
-
### What feature do you want to see added?
When you add a CssTextTheme element, this is rendered as an inline `style` element. This is a violation of common CSP settings.
The Element should either b…
-
## What problem does this address?
Right now it's very hard, nearly impossible, to add a strict Content Security Policy (CSP) when inline styles (style="..." attributes) are used (https://content-s…
-
### Verify canary release
- [X] I verified that the issue exists in the latest Next.js canary release
### Provide environment information
```bash
NodeJs v18.17.1 Local Environment
```
### Which e…
-
- Site: [https://mtn.com](https://mtn.com)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 1:
- [https://mtn.com](https://mtn.com)
- **Sub Resource Integri…
-
- Site: [https://educ-grad-student-api-77c02f-dev.apps.silver.devops.gov.bc.ca](https://educ-grad-student-api-77c02f-dev.apps.silver.devops.gov.bc.ca)
**New Alerts**
- **A Server Error response …
-
Our friends at Squoosh have agreed to test out strict-csp!
-
**Describe the problem feature solves**
I use `helmet` with my `NestJS` app. I use my company's official logo from their website.
I always get "net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefault…