Content Security Policy with Inline Styles of A11y Plugin #986

bozdevs · 2025-04-09T12:50:31Z

bozdevs
Apr 9, 2025

"a11y-plugin" append an element to DOM Tree, like this:

<p aria-live="assertive" aria-atomic="true" id="swup-announcer" style="position:absolute;top:0;left:0;clip:rect(0 0 0 0);clip-path:inset(50%);overflow:hidden;white-space:nowrap;word-wrap:normal;width:1px;height:1px;"></p>

But my CSP settings will block inline styling.

Problems

1- It will trigger an error log into browser.
2- Screen Reader Only styles doesn't work.

I have solve problem two with #swup-announcer { ... } this style but I can't block to occour error log, how can I disable to make inline style?

Answered by daun

Apr 9, 2025

You could calculate the SHA256 hash of the inline style and add it to your CSP config as an unsafe hash. See this post for an example.

View full answer

daun · 2025-04-09T13:01:26Z

daun
Apr 9, 2025
Maintainer

You could calculate the SHA256 hash of the inline style and add it to your CSP config as an unsafe hash. See this post for an example.

1 reply

daun Apr 9, 2025
Maintainer

This would get rid of both problems.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

swup

Content Security Policy with Inline Styles of A11y Plugin #986

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment 1 reply

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

swup

Content Security Policy with Inline Styles of A11y Plugin #986

Uh oh!

Uh oh!

bozdevs Apr 9, 2025

Problems

Replies: 1 comment · 1 reply

Uh oh!

daun Apr 9, 2025 Maintainer

Uh oh!

daun Apr 9, 2025 Maintainer

bozdevs
Apr 9, 2025

Replies: 1 comment 1 reply

daun
Apr 9, 2025
Maintainer

daun Apr 9, 2025
Maintainer