You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Inline styles aren't compatible with the style-src directive of CSP. It can be opted into, but that can introduce a security vulnerability since it allows all inline styles. One way to make it work is to set the nonce attribute on the stylesheet to an expression that is replaced by the nonce by the server when the stylesheet is served, e.g. <style nonce="{% nonce %}">/* styles go here */</style>. Currently this isn't possible, because Critters doesn't allow for attributes to be added to the style tag.
The text was updated successfully, but these errors were encountered:
Inline styles aren't compatible with the
style-src
directive of CSP. It can be opted into, but that can introduce a security vulnerability since it allows all inline styles. One way to make it work is to set thenonce
attribute on the stylesheet to an expression that is replaced by the nonce by the server when the stylesheet is served, e.g.<style nonce="{% nonce %}">/* styles go here */</style>
. Currently this isn't possible, because Critters doesn't allow for attributes to be added to thestyle
tag.The text was updated successfully, but these errors were encountered: