Skip to content

CSP nonce "Refused to apply inline style because it violates the following Content Security Policy directive #1753

New issue
New issue
Open
Open
CSP nonce "Refused to apply inline style because it violates the following Content Security Policy directive#1753
@stanleykinkelaar

Description

@stanleykinkelaar
stanleykinkelaar
opened on Feb 27, 2025

After setting the CSP for the debugbar there is still an CSP error from the /_debugbar/assets/javascript?v=1739958968 file.

[Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'nonce-x'". Either the 'unsafe-inline' keyword, a hash ('sha256-bSoYuq6ivc9mSVWyH8JlqmEVCNQ2HqLmxv/ruraeG94='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.

Seems to be linking to the jQuery function Ae() part.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions