#Astro Islands with Content Security?

2 messages · Page 1 of 1 (latest)

pure quarry Nov 23, 2023, 5:12 PM

Hi folks!

What do you suggest is the best/official method of using Astro Islands (any client side framework really) with a properly set up Content Security Policy header? The script-src component basically kills any client side lib, even though the self is added as a source, because Astro injects the component (or parts of it) inline which would fall in the “unsafe-inline” category.

Any ideas?

pure quarry Nov 23, 2023, 5:30 PM

Looking through the issues on GitHub this seems to be an issue even nowdays, and been an issue for more than a year already with no solution?