tolaria icon indicating copy to clipboard operation
tolaria copied to clipboard
verified publisher icon Threespot

Stop using inline styles (because CSP)

Open csuhta opened this issue 9 years ago • 2 comments

Some Tolaria features (the login form, a few of the JS form elements) use inline CSS styles, which preclude you from using the admin with a Content-Security-Policy unless you set the undesirable 'unsafe-inline' directive.

Refactor the UI elements so that they use CSS classes to manage their appearance, rather than inline styles. As a warning: we also have to move away from jQuery's hide() and show() because those use inline styles.

csuhta avatar Sep 22 '16 16:09 csuhta

Will there be backwards incompatible changes introduced? For example, I know of a project where we customized the Markdown editor, adding new toolbar buttons and stuff. Just wondering, thanks!

defbyte avatar Sep 22 '16 16:09 defbyte

@defbyte Very likely. This will probably be part of Tolaria 3.0 or higher.

csuhta avatar Sep 22 '16 16:09 csuhta