Hello All,
just found regression with CSP
nonce for CSS resources seems to be not added, which results security errors
Can it be caused by latest code optimizations?
--
WBR
Maxim aka solomax
Hi all,
If you want to go ahead and remove the core CSS, please make sure all
components keep working. For example, in wicket extensions I had to
use the 'wicket--hidden' class in progressbar.js. Just do a grep on
'wicket--hidden' and double-check those components in the examples.
Best regards,
Hmmm,
I'll check.
The errors are definitely in DevTools (I'm using report-only CSP)
Not sure if it is first or second time
Will double-check and report back
On Tue, 24 Mar 2020 at 15:17, Emond Papegaaij wrote:
>
> Hi Maxim,
>
> Are you sure? I just tried the examples and CSS resources do have
>
Hi Maxim,
Are you sure? I just tried the examples and CSS resources do have
nonces. Maybe you're seeing the same errors as I when opening the dev
tools? Somehow Chrome is unable to load the css resources in the dev
tools when the dev tools are opened after loading the page. After a
refresh, it's
Hi,
ok, let's give it a try!
All hidden elements (hidden form fields or placeholders) are hidden via
"hidden" attribute now.
Have fun
Sven
On 24.03.20 08:15, Emond Papegaaij wrote:
Hi all,
If you want to go ahead and remove the core CSS, please make sure all
components keep working. For
