fix: allow runtime stylesheet injection
This commit is contained in:
11
src/utils/tauriCsp.test.ts
Normal file
11
src/utils/tauriCsp.test.ts
Normal file
@@ -0,0 +1,11 @@
|
||||
import { readFileSync } from 'node:fs'
|
||||
|
||||
describe('Tauri Content Security Policy', () => {
|
||||
it('keeps broad inline styles available when runtime libraries inject style tags', () => {
|
||||
const config = JSON.parse(readFileSync(`${process.cwd()}/src-tauri/tauri.conf.json`, 'utf8'))
|
||||
const styleSrc = config.app.security.csp['style-src'] as string
|
||||
|
||||
expect(styleSrc).toContain("'unsafe-inline'")
|
||||
expect(styleSrc).not.toMatch(/'nonce-|sha(256|384|512)-/)
|
||||
})
|
||||
})
|
||||
Reference in New Issue
Block a user