We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
功能请求
2.9.10
启用了 CSP
Content-Security-Policy: default-src 'self';
后 在调用
layui.use(function () { var layer = layui.layer; var layerIndex = layer.load(2) })
和jquery 4.0 后 由于 layui 生成了inline css 浏览器会报错
急需layui 支持csp
### 截图补充 ![Screenshot 2024-05-22 at 17 15 36](https://github.com/layui/layui/assets/152969695/ec38d008-05d8-4215-9dcd-70132bcc2970) ![Screenshot 2024-05-22 at 17 03 20](https://github.com/layui/layui/assets/152969695/d22df802-9910-4dc6-bcbb-03533af37cda) ### 浏览器 Chrome ### 演示地址 _No response_ ### 友好承诺 - [X] 我承诺将本着相互尊重、理解和友善的态度进行交流,共同维护 Layui 良好的社区氛围。 <!-- layui-issue-template 请务必严格遵循模板规范 -->
The text was updated successfully, but these errors were encountered:
参考:#1176
Sorry, something went wrong.
@sentsim 这个不是 eval 的问题,这个是inline css的问题
很难避免不使用内联样式的,建议把 default-src 改成 script-src 即不加载陌生脚本文件即可。也可以追加 frame-src,其他限制我认为没有太大必要。
default-src
script-src
frame-src
No branches or pull requests
议题条件
议题类型
功能请求
使用版本
2.9.10
问题描述
启用了 CSP
后
在调用
和jquery 4.0 后
由于 layui 生成了inline css
浏览器会报错
急需layui 支持csp
业务代码
The text was updated successfully, but these errors were encountered: