Hide 'unsafe-eval' from style-src config

Created on 13 June 2024, 10 months ago

Updated 28 June 2024, 9 months ago

The CSP spec only defines 'unsafe-eval' as valid in parsing whether a script should be executed.

Remove 'unsafe-eval' from the options available for style-src on the config form.

📌 Task

Status

Fixed

Version

2.0

Component

Code

Created by

🇨🇦Canada gapple

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @gapple
Comment 10 months ago →
System Message

gapple → committed f41576d8 on 2.x
Issue #3454524: Hide 'unsafe-eval' from style-src config options
Status changed to Fixed 10 months ago12:07am 14 June 2024
Comment 10 months ago →
🇨🇦Canada gapple
Comment 9 months ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

Production build 0.71.5 2024