Which @angular/* package(s) are the source of the bug?
platform-browser
Is this a regression?
Yes
Description
Which @angular/* package(s) are the source of the bug?
Please provide a link to a minimal reproduction of the bug
No response
Please provide the exception or error you saw
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-qTTH3DuzKPmgtKU61WF0JCpnThDceaYDm31rPH7akOE='), or a nonce ('nonce-...') is required to enable inline execution.
Please provide the environment you discovered this bug in (run ng version)
Which @angular/* package(s) are the source of the bug?
platform-browser
Is this a regression?
Yes
Description
Which @angular/* package(s) are the source of the bug?
Please provide a link to a minimal reproduction of the bug
No response
Please provide the exception or error you saw
Please provide the environment you discovered this bug in (run
ng version
)Ionic: Ionic CLI : 7.2.0 (/Users/n7168/.nvm/versions/node/v20.13.1/lib/node_modules/@ionic/cli) Ionic Framework : @ionic/angular 8.1.1 (/Users/n7168/HLF-ng17-ionic8/node_modules/@ionic/angular) @angular-devkit/build-angular : 17.1.4 (/Users/n7168/HLF-ng17-ionic8/node_modules/@angular-devkit/build-angular) @angular-devkit/schematics : 17.1.4 (/Users/n7168/HLF-ng17-ionic8/node_modules/@angular-devkit/schematics) @angular/cli : not installed @ionic/angular-toolkit : not installed
Anything else?
Issue: Hitting CSP violation for style-src on appendChild object method under _getStyleElement function.
Note: We are prevented from using 'unsafe-inline' due to penetration testing report on Content Security Policy.