angular-ui/ui-grid

Content Security Policy - inline styles

Open

#6,031 建立於 2017年2月21日

在 GitHub 查看
 (2 留言) (1 反應) (0 負責人)JavaScript (2,496 fork)batch import
help wanted

倉庫指標

Star
 (5,395 star)
PR 合併指標
 (30 天內沒有已合併 PR)

描述

Hello, I am developing an Angular application with uiGrid

My webserver sets strict CSP headers - I do not want to allow inline css: script-src 'self'

I have followed Angular CSP guidelines etc, all is working well but I am getting few errors in console and it seems uiGrid uses inline styles. I have not found any recomendations ion this in tutorials. Is there any way how to run uiGrid with strict styles csp?

Can this be at least added to "requirements" sections in tutorials to let other users now about this?

uiGrid works fine if I set script- src to style-src 'self' 'unsafe-inline'

Thanks your your reply!

貢獻者指南