-
-
Notifications
You must be signed in to change notification settings - Fork 185
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CSS cursor rule is causing Content Security Policy warnings #153
Comments
Hi @The-Paavo, I hadn't thought about CSP, that's too bad since I think it's better for UX (not everyone is used to click outside to close a modal). I think I'm just going to revert this commit because I prefer to avoid compromising on security and an external link wouldn't be as easy to use. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Just FYI. Commit 5ecc2c2 is a little bit problematic, if Content Security Policies doesn't allow insecure
data:
schemes. It's usually not allowed, if CSP is defined. When it's not allowed, browsers refuse to use that svg-image (cursor) and they complain about it in "console".It can be fixed by removing or overriding this css-rule.
.tingle-modal { cursor: auto; }
is enough to override this.Could this cursor-thingy perhaps be optional or just use standard cursor keywords? https://developer.mozilla.org/en-US/docs/Web/CSS/cursor
Other than that, 0.16.0 is working smoothly. 👍
The text was updated successfully, but these errors were encountered: