bat.js加载内联样式导致浏览器csp问题 [英] bat.js loading inline styles causing browser csp issue

问题描述

我们希望打开浏览器csp来帮助保护用户的安全，作为其中的一部分，我们阻止了内联样式/样式块，以及内联js。

We're looking to turn on browser csp to help keep our users secure, and as part of this, we are blocking inline styles / style blocks, as well as inline js.

目的是防止可能的攻击，例如https：//css-tricks.com/css-keylogger/ 

Aim is to prevent possible attacks like https://css-tricks.com/css-keylogger/ 

看起来bat.js将html加载到带有内联样式的页面中，这意味着我们将收到错误和警告。

It looks like bat.js loads html into the page with inline styles, meaning that we will get an error and alert.

是否有任何方法可以将代码更改为不加载内联样式/样式块？

Is there any way the code can be changed to not load inline styles / style blocks?

推荐答案

我已经向我们的团队询问了进一步的指导，我会告诉你我发现了什么out。 

I've asked our team for further guidance, and I'll let you know what I find out. 

感谢您的耐心等待，

Eric

这篇关于bat.js加载内联样式导致浏览器csp问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！