Change
Avoid inline JavaScript
Issue description
Using a tailored CSP on every request will mean that inline JavaScript cannot be used, since this would require 'unsafe-inline', in which case you can avoid the CSP all together. Inline JavaScript on links is used mainly to control the behavior of the anchor DOM element. In almost every case 'void(0)' is used (in the Topincs code) as well as some stores. Some stores have meaningful onClick handlers. These would need to be refactored.
|
Work sessions4
Start |
2021-08-12T14:13:55
|
End |
2021-08-12T15:10:50
|
Participant |
Robert Cerny
|
Start |
2021-08-12T16:41:22
|
End |
2021-08-12T17:28:09
|
Participant |
Robert Cerny
|
Start |
2021-08-12T20:01:23
|
End |
2021-08-12T20:31:23
|
Participant |
Robert Cerny
|
Start |
2021-08-13T08:53:32
|
End |
2021-08-13T17:31:16
|
Participant |
Robert Cerny
|
|
We are sorry
This page cannot be displayed in your browser. Use Firefox, Opera, Safari, or Chrome instead.