Contrib.social

Hide 'unsafe-eval' from style-src config

Open on Drupal.org β†’
Created on 13 June 2024, 13 days ago
Updated 14 June 2024, 13 days ago

Problem/Motivation

The CSP spec only defines 'unsafe-eval' as valid in parsing whether a script should be executed.

Proposed resolution

Remove 'unsafe-eval' from the options available for style-src on the config form.

Remaining tasks

User interface changes

API changes

Data model changes

πŸ“Œ Task
Status

Fixed

Version

2.0

Component

Code

Created by

πŸ‡¨πŸ‡¦Canada gapple

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.69.0 2024