- @chrissnyder opened merge request.
- πΊπΈUnited States chrissnyder Maryland
I have opened a MR and attached a patch file with a different approach.
My approach leverages the Attach Inline β module for adding the CSS and JS to the page. With this approach, if you have the Content Security Policy β module enabled hashes/nonces are automatically added to the page's policy to remove the need for
'unsafe-inline', and limit the risk of Cross Site Scripting vulnerabilities. In addition, by keeping the scripts inline, we preserve the existing token replacement feature. - Status changed to Needs review
over 1 year ago 8:37pm 26 September 2023