Closed jmcampanini closed 8 years ago
the current default for ContentSecurityPolicy is default-src 'self'
default-src 'self'
would like to change this to allow inline CSS for dynamic elements. the change would be to:
default-src 'self'; style-src 'self' 'unsafe-inline'
@adidahiya will this be sufficient for your needs?
// tagging for SA @akroy @qinfchen @tomshen
:+1: sgtm
:+1: we're currently overriding the the csp in our product to allow for this
the current default for ContentSecurityPolicy is
default-src 'self'
would like to change this to allow inline CSS for dynamic elements. the change would be to:
@adidahiya will this be sufficient for your needs?
// tagging for SA @akroy @qinfchen @tomshen