fix: allow runtime stylesheet injection

This commit is contained in:
lucaronin
2026-04-25 16:06:17 +02:00
parent 8207b87c33
commit 3ebfa642fa
4 changed files with 13 additions and 13 deletions

View File

@@ -0,0 +1,11 @@
import { readFileSync } from 'node:fs'
describe('Tauri Content Security Policy', () => {
it('keeps broad inline styles available when runtime libraries inject style tags', () => {
const config = JSON.parse(readFileSync(`${process.cwd()}/src-tauri/tauri.conf.json`, 'utf8'))
const styleSrc = config.app.security.csp['style-src'] as string
expect(styleSrc).toContain("'unsafe-inline'")
expect(styleSrc).not.toMatch(/'nonce-|sha(256|384|512)-/)
})
})