kessejones / react-sweetalert2

SweetAlert2 implementation for ReactJS
https://kessejones.github.io/react-sweetalert2/
Apache License 2.0
14 stars 2 forks source link

SCP using : style-src without 'unsafe-inline' #24

Open JSON-stringify-24 opened 1 year ago

JSON-stringify-24 commented 1 year ago

The official package can prevent this issue using css and js library separatly:

image

But unafortunatly this package only use sweetalert2.all.min.js provoking the next error:

sweetalert2.all.js:4283 Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' fonts.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='), or a nonce ('nonce-...') is required to enable inline execution.