Allow inline style attibute on element using Content Security Policy (CSP) |
Could there be a javascript workaround to this. As in i create a custom attribute called "bg-img" and access it using javascript.
Code: <div class="single-slider hero-overly slider-height d-flex align-items-center" bg-img="<?= $sliderimages['image_path'];?>"> Based on the link given by @InsiteFX from CSP: style-src there is this statement. "However, styles properties that are set directly on the element's style property will not be blocked, allowing users to safely manipulate styles via JavaScript:" Code: document.querySelector('div').style.display = 'none'; So in my case i can probably do something like this; Code: var bgImage = document.querySelector('[bg-img]'); Any suggestions? |
Welcome Guest, Not a member yet? Register Sign In |