9Eyl
Google CSP Evaluator and style-src ‘unsafe-inline’
Google provides a CSP evaluator to validate if a given content-security policy is well set up (github, validator). However, if one uses ‘unsafe-inline’ in the style-src directive this is reported as ‘all good’ (See image below).
Does this …