Skip to content
This repository was archived by the owner on Jun 15, 2026. It is now read-only.

Commit 39e5ac5

Browse files
CopilotRMCampos
Copilot
and
RMCampos
authored
fix(csp): allow blocked inline style via SHA-256 hash in style-src (#43)
* Initial plan * fix: add CSP hash for blocked inline style in style-src directive Agent-Logs-Url: https://github.com/RMCampos/tasknote/sessions/a51fd5ff-eb93-4ef0-96e0-3d10df540a59 Co-authored-by: RMCampos <2219519+RMCampos@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: RMCampos <2219519+RMCampos@users.noreply.github.com>
1 parent fc4cd38 commit 39e5ac5

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

client/Caddyfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@
3434
media-src 'self';
3535
object-src 'none';
3636
script-src 'unsafe-inline' 'report-sample' 'self' https://*.cloudfront.net;
37-
style-src 'report-sample' 'self' https://cdn.jsdelivr.net/ https://fonts.googleapis.com;
37+
style-src 'report-sample' 'self' https://cdn.jsdelivr.net/ https://fonts.googleapis.com 'sha256-+OsIn6RhyCZCUkkvtHxFtP0kU3CGdGeLjDd9Fzqdl3o=';
3838
worker-src 'none';
3939
"
4040
Referrer-Policy "same-origin"

0 commit comments

Comments
 (0)