Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Content Security Policy (CSP) implemented unsafely #461

Open
digitalgregg opened this issue Jan 12, 2022 · 1 comment
Open

Content Security Policy (CSP) implemented unsafely #461

digitalgregg opened this issue Jan 12, 2022 · 1 comment

Comments

@digitalgregg
Copy link

My site using lot inline JS ans CSS. When I'm using unsafe-inline , Mozilla showing (CSP) implemented unsafely. How can keep score on Mozilla using unsafe-inline ?
@carlin-q-scott
Copy link

This article explains your issue pretty thoroughly: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src

Basically you need to stop using inline scripts and styles, or use nonces.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@carlin-q-scott @digitalgregg