Open d65yan opened 4 years ago
~hi @d65yan how does removing the random number in the ID of the element it creates solve this? Wouldn't it be subject to the same style-src 'unsafe-inline'
CSP either way?~ Ah! I see! You probably want to use use style-src-elem
with a hash instead right, but the contents of the <style>
tag changes.... got it! This is a resonable request.
Something like this is also required for the nonce alternative.
Bumping this since the addition of the random number to link-stylesheet-test-
also forces me to set style-src-elem as unsafe-inline instead of being able to use a hash
Any news on this? 🙏
Any updates?
Hello All. This is more of a question and maybe a request Is it possible not to have link-initialize.js concat a random number to
link-stylesheet-test-
by adding. a random number it makes CSP throw errors and blocks the insertion. Sometimes eval unsafe or nonce are not an option. Would it be possible to allow for the ids to be provided by through link config?thank you