Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to use jqGrid with Content Security Policy meta tag? #979

Open
clouser opened this issue Mar 25, 2021 · 3 comments
Open

How to use jqGrid with Content Security Policy meta tag? #979

clouser opened this issue Mar 25, 2021 · 3 comments
Labels
Problem Question

Comments

@clouser
Copy link

clouser commented Mar 25, 2021

Hello. I have a requirement to add the following Content Security Policy mega tag to my application, but when I do I see errors in the browser console because the jqGrid plugin uses inline styles. Are there any plans to remove inline styles from the plugin so applications can use CSP without the need to add unsafe-inline into their CSP tag?

<meta http-equiv="Content-Security-Policy" content="script-src 'self'; style-src 'self';">
@tonytomov
Copy link
Owner

Hello,

Sorry for delay. Yes, there are plans for this, again with some other security fixes, but I'm not sure that we can completely solve the problem. Instead We will try. The very big problem is that the column width is calculated at runtime and it is added as inline style. If you can recommend us some elegant solution that will great.

Best Regards,
Tony

@sssunilshinde1
Copy link

How to use jqGrid with Content Security Policy meta tag ?

@tonytomov
Copy link
Owner

Hello,

At the moment you can not use it with Content Security Policy.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Problem Question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tonytomov @clouser @sssunilshinde1