Hello,
I would like to ask for a change that makes Vue Toasted add its styles in a way that does not require unsafe-inline being present in CSP. We would like to have our CSP header as secure as possible and inline styles are definitely considered a risk.
It looks like nonce-based solution would be the best (safest and probably also easiest to implement too) option.
Please see a similar request in Vue Style Loader: https://github.com/vuejs/vue-style-loader/issues/33
+1. It would even be enough to just not include the styles. You can easily import the styles manually in main.js:
import 'vue-toasted/dist/vue-toasted.min.css'
Hello, I would like to ask for a change that makes Vue Toasted add its styles in a way that does not require
unsafe-inline
being present in CSP. We would like to have our CSP header as secure as possible and inline styles are definitely considered a risk.It looks like nonce-based solution would be the best (safest and probably also easiest to implement too) option. Please see a similar request in Vue Style Loader: https://github.com/vuejs/vue-style-loader/issues/33
Thanks!