angular-ui/ui-grid

Content Security Policy - inline styles

Open

#6,031 创建于 2017年2月21日

在 GitHub 查看
 (2 评论) (1 反应) (0 负责人)JavaScript (2,496 fork)batch import
help wanted

仓库指标

Star
 (5,395 star)
PR 合并指标
 (30 天内没有已合并 PR)

描述

Hello, I am developing an Angular application with uiGrid

My webserver sets strict CSP headers - I do not want to allow inline css: script-src 'self'

I have followed Angular CSP guidelines etc, all is working well but I am getting few errors in console and it seems uiGrid uses inline styles. I have not found any recomendations ion this in tutorials. Is there any way how to run uiGrid with strict styles csp?

Can this be at least added to "requirements" sections in tutorials to let other users now about this?

uiGrid works fine if I set script- src to style-src 'self' 'unsafe-inline'

Thanks your your reply!

贡献者指南