I want to enable CSP in my application.
But after enable it we found lots of error in the browser console. We initially using unsafe-inline but that is prohibit by our company. Even enable webix restrict mode(strict of env, Others Webix Docs) didn’t helped.
Issue is it created dynamic HTML (with style attributes) and assign this HTML to existing elements via “.innerHTML” or “.createElement” which violates the style-src-elem and style-src-attribute CSP policy.
Will the team have better solutions to solve the in-line style that prohibit by CSP or in what way to avoid the error?