Last Updated: 19 Jun 2023 09:37 by Vidya Sagar K
Vidya Sagar K
Created on: 19 Jun 2023 09:37
Category: UI for ASP.NET MVC
Type: Feature Request
Remove the unsafe-inline requirement from Telerik MVC styles for CSP compliance
Currently, the Telerik UI for MVC requires the style-src 'self' unsafe-inline; directive present:
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; img-src 'self'; script-src 'self'; style-src 'self' unsafe-inline; font-src 'self' data:;" />
We have the following requirements:
   -  As per CSP we do not use Unsafe prefix at any-level in the project.
   -  Style-src self without Unsafe-inline when it will be ready to use for MVC project