CSP discourages inline styles

[dargmuesli]

With Content Security Policy enabled and no unsafe-inline in style-src, waves are not displayed and as a csp violation (report) is triggered. Currently I don't see a practical way to a solution because neither hash-sources nor nonce-sources can be used with dynamically generated style attributes in the current form. I seriously hope that there is a possibility to work around this issue without making anything unsafe!

[fians]

I will work on this.

[dargmuesli]

It's now one year later. What is the status on this?