Open keyonvandenelzen opened 2 months ago
I have found a workaround for this issue. Using a custom tooltip formatter prevents inline styles from being used and thus the CSP directive is not violated.
I have found a workaround for this issue. Using a custom tooltip formatter prevents inline styles from being used and thus the CSP directive is not violated.
Apparently this workaround doesn't fix the issue. Browser still gives the warning about CSP inline-style
Version
5.5.0 (.min.js)
Link to Minimal Reproduction
https://keyonvandenelzen.github.io/echarts-tooltip-csp-violation/
Steps to Reproduce
Current Behavior
Strict style-src CSP directive is violated and therefore the tooltip is only partially styled.
Expected Behavior
Strict style-src CSP directive should not be violated.
Environment
Any additional comments?
Similar issue has been reported previously. Used @undeletable's minimal reproduction and issue format as a basis for this one.