Remove unsafe-inline styles ("styles attributes")

Question

Remove unsafe-inline styles ("styles attributes")

mweinelt opened this issue 7 years ago · comments

We're on a really good way, safety-wise! https://observatory.mozilla.org/analyze.html?host=firmware.darmstadt.freifunk.net

One more nitpick for now as follows:

Your current CSP policy allows the use of 'unsafe-inline' inside of style-src. Moving style attributes into external stylesheets not only makes you safer, but also makes your code easier to maintain.

codedust · Answer 1 · Wed Mar 08 2017 07:38:40 GMT+0800 (China Standard Time)

We're on a really good way, safety-wise!

Nope. We're using JavaScript.