Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

<style> tag fails Content Security Policy #549

Open
abueloshika opened this issue Apr 5, 2023 · 0 comments
Open

<style> tag fails Content Security Policy #549

abueloshika opened this issue Apr 5, 2023 · 0 comments

Comments

@abueloshika
Copy link

abueloshika commented Apr 5, 2023

ember-pikaday uses a manually applied style tag to set the positioning of the calendar. This is causing it to fail a style-src: 'self CSP and (I think) means to use the add-on you'd need to allow unsafe-inline.

Is there any way to work around this? I have to use the modifier over the component as the project doesn't include moment but from what I can see the style tag is applied as part of the adjustPosition() function so it isn't something I can interact with.

EDIT: I've added the SHA for the script tag for my own projection but I'll leave the issue up as it may be something that can be changed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant