Very nice JS library you have here.
I spent the weekend working with it and I like it. Unfortunately I have to change the content security policy to
include unsafe-inline to make it work. The diff of my CSP is:
- "style-src 'self' 'nonce-{nonce}'; "
+ "style-src 'self' 'unsafe-inline'; "
sadly this is kind of deal breaker. I did some searching for svelte and CSP and it seems they did have some
issues with it in the past, but they were resolved. It's possible that rebuilding with updated dependencies will fix
this. However I am not steeped enough in svelte, npm etc. to try it myself.
Any chance you can look into this and see if it is easily fixable?
Very nice JS library you have here.
I spent the weekend working with it and I like it. Unfortunately I have to change the content security policy to
include
unsafe-inlineto make it work. The diff of my CSP is:sadly this is kind of deal breaker. I did some searching for svelte and CSP and it seems they did have some
issues with it in the past, but they were resolved. It's possible that rebuilding with updated dependencies will fix
this. However I am not steeped enough in svelte, npm etc. to try it myself.
Any chance you can look into this and see if it is easily fixable?