MPP-3834: Fix CSP rules for inline styles

mozilla / fx-private-relay

Keep your email safe from hackers and trackers. Make an email alias with 1 click, and keep your address to yourself.

https://relay.firefox.com

Other

1.44k stars 168 forks source link

MPP-3834: Fix CSP rules for inline styles #4819

Closed jwhitlock closed 4 days ago

jwhitlock commented 5 days ago

When converting to django-csp 4.x, the 'unsafe-inline' rule was applied to script-src instead of style-src. This is why we're getting new CSP violations on local dev and the dev server.