Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CSP - style-src 'unsafe-inline' should not be required #66

Open
daubli opened this issue Nov 18, 2019 · 4 comments
Open

CSP - style-src 'unsafe-inline' should not be required #66

daubli opened this issue Nov 18, 2019 · 4 comments
Assignees
@kutlugsahin

Comments

@daubli
Copy link

daubli commented Nov 18, 2019

Is there any possibility to add support for scrict csp scenarios?
The insertion of the inline style element into the header (https://github.com/kutlugsahin/smooth-dnd/blob/master/src/styles.ts) enforces me to enable style-src 'unsafe-inline' in my csp definition.
I tried to add the hash value of this element to the csp but this solution does not work in Firefox and Edge. It would be great if it wouldn't be necessary to add unsafe-inline to my csp.
@rogeru
Copy link

rogeru commented Mar 13, 2023

Fully agree. @daubli what did you end up doing?

@daubli
Copy link
Author

daubli commented Mar 15, 2023

@rogeru: I migrated to another dnd library

@rogeru
Copy link

rogeru commented Mar 15, 2023

@daubli thanks for letting me know. Can I ask which library you migrated to?

@daubli
Copy link
Author

daubli commented Mar 16, 2023

Sure. I migrated to the Vue-Wrapper of SortableJS - VueDraggable

@kutlugsahin kutlugsahin self-assigned this Jul 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kutlugsahin kutlugsahin

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rogeru @kutlugsahin @daubli