[Bug 38365] Add Content-Security-Policy HTTP header to HTML responses
5 Mar
2026
5 Mar
'26
6:34 a.m.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38365 --- Comment #259 from David Cook <dcook@prosentient.com.au> --- I think I've worked out a workaround for style-loader, but there's still an issue with how the font awesome styles are imported (without style-loader it seems). Ah yeah... in node_modules/@fortawesome/fontawesome-svg-core/index.js it does the following: DOCUMENT.head.insertBefore(style, beforeChild); Think we'd have to turn off the auto injecting of style using config.autoAddCss for fontawesome-svg-core and import fontawesome CSS explicitly. This seems to do the trick. I'll do a patch for that too... -- You are receiving this mail because: You are watching all bug changes.
132
Age (days ago)
132
Last active (days ago)
0 comments
1 participants
participants (1)
-
bugzilla-daemon@bugs.koha-community.org