Hello all. I'm currently working to get our webapp CSP compliant. I've removed `style-src unsafe-inline` from our CSP, and am working on tackling any violations we have
I've discovered that, at runtime, GWT is using StyleInjectorImpl <https://www.gwtproject.org/javadoc/latest/com/google/gwt/dom/client/StyleInjector.StyleInjectorImpl.html>'s `injectStyleSheet` method to inject all of the CSS present in our Ui binder files. Is there a way to fix this without using a nonce value (due to a quirk in our setup, adding a nonce value at runtime is not possible), or separating the CSS in our UiBinder files to external CSS files? -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/google-web-toolkit/c2fb11ef-426e-416b-bc77-c9f90c0cc737n%40googlegroups.com.
