bat.js加载内联样式导致浏览器csp问题 [英] bat.js loading inline styles causing browser csp issue
问题描述
我们希望打开浏览器csp来帮助保护用户的安全,作为其中的一部分,我们阻止了内联样式/样式块,以及内联js。
We're looking to turn on browser csp to help keep our users secure, and as part of this, we are blocking inline styles / style blocks, as well as inline js.
目的是防止可能的攻击,例如https://css-tricks.com/css-keylogger/
Aim is to prevent possible attacks like https://css-tricks.com/css-keylogger/
看起来bat.js将html加载到带有内联样式的页面中,这意味着我们将收到错误和警告。
It looks like bat.js loads html into the page with inline styles, meaning that we will get an error and alert.
是否有任何方法可以将代码更改为不加载内联样式/样式块?
Is there any way the code can be changed to not load inline styles / style blocks?
推荐答案
我已经向我们的团队询问了进一步的指导,我会告诉你我发现了什么out。
I've asked our team for further guidance, and I'll let you know what I find out.
感谢您的耐心等待,
Eric
这篇关于bat.js加载内联样式导致浏览器csp问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!