Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TabStrip is not CSP compliant when the Selected() API configuration is enabled #7848

Closed
alestoya opened this issue May 30, 2024 · 0 comments
Closed

TabStrip is not CSP compliant when the Selected() API configuration is enabled #7848

alestoya opened this issue May 30, 2024 · 0 comments
Assignees
@alestoya
Labels
Bug C: RadioButton C: TabStrip CSP Improvements FP: Completed Sync status with associated Feedback Item Next Release Item that will be included in the next official release S: Wrappers (ASP.NET Core) SEV: Medium
Milestone
2024 Q3 (Aug)

Comments

@alestoya
Copy link

Bug report

TabStrip is not CSP compliant when the Selected() API configuration is enabled.

Reproduction of the problem

  1. Create an application with CSP headers
  2. Create a TabStrip and set the Selected() API configuration for one of the items
@(Html.Kendo().TabStrip()
    .Name("tabstrip")
    .Items(items =>
    {
        items.Add().Text("Details")
		.Selected(true)
		.LoadContentFrom("Details", "Home", Model);
    
    })
)

Current behavior

Setting the Select() API configuration will lead to the following Content Security Policy Header Report Error.

Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.

Expected/desired behavior

Setting the Select() API configuration should not lead to a Content Security Policy Header Report Error.

Environment

  • Kendo UI version: 2024.2.514
  • Browser: [all]
@alestoya alestoya added this to the 2024 Q3 (Aug) milestone May 30, 2024
@alestoya alestoya self-assigned this May 30, 2024
@github-actions github-actions bot added the FP: Planned Sync status with associated Feedback Item label May 30, 2024
@github-actions github-actions bot added FP: Completed Sync status with associated Feedback Item and removed FP: Planned Sync status with associated Feedback Item labels May 31, 2024
@alestoya alestoya added the Next Release Item that will be included in the next official release label Jun 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alestoya alestoya

Labels
Bug C: RadioButton C: TabStrip CSP Improvements FP: Completed Sync status with associated Feedback Item Next Release Item that will be included in the next official release S: Wrappers (ASP.NET Core) SEV: Medium
Projects
None yet
Milestone
2024 Q3 (Aug)
Development

No branches or pull requests
2 participants
@alestoya @MilaTsv