Join GitHub today
mastodon-svg-logo is hidden using an inline style #11601
The web UI should not use inline styles, because they are disabled if 'unsafe-inline' is not enabled in the 'style-src' CSP header
After upgrading from 2.8.0 to 2.9.3, a new DOM element was added at the bottom of the web UI (both the normal one and the single-column one) containing this:
However, as I set
Steps to reproduce the problem
Upgraded my instance from 2.8.0 to 2.9.3, and my instance does not allow
Firefox 60.8.0esr, but it probably happens with any browser.
Edit: This seems related: #10845
Mastodon sets its own CSP headers, there is no good reason to replace it. It is unsurprising that something breaks when you change it. Ironically, the style is inline to ensure it stays hidden even if the CSS fails to load due to a network error!
Thanks for the info, Mastodon didn't do that when I set up my config, and I didn't notice it starting doing it.
Though I find Mastodon's CSP a bit too permissive (this +