Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Inline style nonce #1231

Closed
pgjones opened this issue May 25, 2020 · 3 comments
Closed

Inline style nonce #1231

pgjones opened this issue May 25, 2020 · 3 comments

Comments

@pgjones
Copy link
Contributor

@pgjones pgjones commented May 25, 2020

Is your feature request related to a problem? Please describe.
Yes, I would like to set a nonce on all inline style tags.

Describe the solution you'd like
See #1232 - use the same nonce that already exists for style tags.

Describe alternatives you've considered
Alternatives are to add unsafe-inline to the CSP, but this is much less preferable.

How important is this feature to you?
Style is not as worrying as script tags (feature already exists). Yet still this is a good to have.

Additional context
My previous issue content,

Is it possible to configure or set a nonce for the inline styles?

I've not found anything searching, so maybe this is also a feature request.
@antony
Copy link
Member

@antony antony commented May 25, 2020

@pgjones if it's a feature request, please update this issue to use the provided template, so that it can be actioned.

@pgjones
Copy link
Contributor Author

@pgjones pgjones commented May 26, 2020

Updated with a PR implementation.

@antony antony added has pr and removed pending clarification labels May 26, 2020
@benmccann benmccann removed the has pr label Aug 26, 2020
@Conduitry
Copy link
Member

@Conduitry Conduitry commented Sep 25, 2020

This has been added in 0.28.9.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

4 participants
You can’t perform that action at this time.