Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow using strict CSP config #655

Open
HeedjyCompany opened this issue Oct 19, 2022 · 1 comment
Open

allow using strict CSP config #655

HeedjyCompany opened this issue Oct 19, 2022 · 1 comment
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@HeedjyCompany
Copy link

Is your feature request related to a problem? Please describe.
using CSP "style-src 'self'" rule is not possible with the component.
using CSP "style-src 'unsafe-inline' is not an option for security.

Describe the solution you'd like
add a nonce attribute on the component that will be passed to the style tags created by the component
(so we can set the same nonce value in the style-src header)

Describe alternatives you've considered
using the hash nonce is not practical because it will change on every lib upgrade.

Additional context
@HeedjyCompany HeedjyCompany added the enhancement New feature or request label Oct 19, 2022
@harshzalavadiya
Copy link
Member

@HeedjyCompany This makes sense as of now tsdx automatically injects css I'll have do little more research for this, and look at how others have managed to solve this issue

anyway ideas welcome

@harshzalavadiya harshzalavadiya added the help wanted Extra attention is needed label Oct 20, 2022
This was referenced Dec 9, 2023
Closed
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@harshzalavadiya @HeedjyCompany