|
|
|
|
|
|
by efortis
415 days ago
|
|
|
You can allow safe inline CSS with a nonce. For example: <style nonce="sha256-Ce2SAZQd/zkqF/eKoRIUmEqKy31enl1LPzhnYs3Zb/I=">
html { background: red }
</style>
And a CSP like this default-src 'self'; style-src 'sha256-Ce2SAZQd/zkqF/eKoRIUmEqKy31enl1LPzhnYs3Zb/I='
Here's how I automate mine:https://github.com/uxtely/js-utils/blob/ad7d9531e108403a4146... |
|
|