Replies: 1 comment 1 reply
-
|
This is for v4, right? It will take some time to take a look at this. We are fully focused on the v5 version now. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
Yes, this is for v4. Currently using 4.14.0 |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
FluentNavLink inherits from FluentNavBase which inject an inline script $"document.getElementById('{CustomToggleId}').click();"
The browser writes the following error in console.
Executing inline event handler violates the following Content Security Policy directive 'script-src 'self''. Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. The policy is report-only, so the violation has been logged but no further action has been taken.I can get rid of the error by add 'unsafe-inline' to the script-src but the cybersecurity team is not keen of the idea.
"script-src 'self' 'unsafe-inline';
What do you suggest?
Beta Was this translation helpful? Give feedback.
All reactions