You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm using SVGR in a React component library, build with vitejs.
In vite.config.ts file I configured the option to add a custom prop to the root SVG tag, since we configured CSP on our server_
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' 'nonce-rAnd0m'". Either the 'unsafe-inline' keyword, a hash ('sha256-DVjvk4wpw6Ow5UHdvNCjEmb4VaB2cVamAioibw9ytiM='), or a nonce ('nonce-...') is required to enable inline execution.
Of course the nonce value is only a test and the server is configured to use this value: here it is the CSP response header:
I'm using SVGR in a React component library, build with vitejs.
In vite.config.ts file I configured the option to add a custom prop to the root SVG tag, since we configured CSP on our server_
svgr({ svgrOptions: { svgProps: { nonce: 'rAnd0m', }, }, })It seems ti works well, if I inspect source coude I see this custom prop
<svg xmlns="http://www.w3.org/2000/svg" nonce display="none" style="">...</svg>anyway I always got a CSP error:
Of course the nonce value is only a test and the server is configured to use this value: here it is the CSP response header:
Is it related to SVGR or do I need to investigate elsewhere?
Thank you.
The text was updated successfully, but these errors were encountered: