Critters loads external stylesheets and inlines them into the HTML via
See these snippet on how we are loading and directly inlining the CSS
Since there is no direct way to sanitize the CSS file contents, inlining them directly into the HTML can cause potential injection issue if the CSS contains closing style tag
This PR prevents creating script tags from embedding stylesheets
Critters loads external stylesheets and inlines them into the HTML via
See these snippet on how we are loading and directly inlining the CSS
Since there is no direct way to sanitize the CSS file contents, inlining them directly into the HTML can cause potential injection issue if the CSS contains closing style tag
This PR prevents creating script tags from embedding stylesheets