[英]bootstrap justify-content-between not working in header
[英]bootstrap styling not working on setting content security header
[屏幕缺少控制台錯誤的頁面][1] [1]:https://i.stack.imgur.com/QIuHp.png
我正在嘗試在我的 angular 項目中添加 Content-Security-Header
<!doctype html>
<html lang="en">
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'self';style-src 'self'">
<meta charset="utf-8">
<title>Shop</title>
<base href="/">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="icon" type="image/x-icon" href="favicon.ico">
</head>
<body>
<app-root></app-root>
</body>
</html>
* {
box-sizing: border-box;
}
body {
margin: 0;
padding: 0;
}
.navbar {
background-color: #333;
color: white;
}
.brand-title {
font-size: 1.5rem;
margin: .5rem;
}
.navbar-links {
height: 100%;
}
.navbar-links ul {
display: flex;
margin: 0;
padding: 0;
}
.navbar-links li {
list-style: none;
}
.navbar-links li a {
display: block;
text-decoration: none;
color: white;
padding: 1rem;
}
.navbar-links li:hover {
background-color: #555;
}
.toggle-button {
position: absolute;
top: .75rem;
right: 1rem;
display: none;
flex-direction: column;
justify-content: space-between;
width: 30px;
height: 21px;
}
.toggle-button .bar {
height: 3px;
width: 100%;
background-color: white;
border-radius: 10px;
}
@media (max-width: 800px) {
.navbar {
flex-direction: column;
align-items: flex-start;
width: 100%;
}
.toggle-button {
display: flex;
}
.navbar-links {
display: none;
width: 100%;
}
.navbar-links ul {
width: 100%;
flex-direction: column;
}
.navbar-links ul li {
text-align: center;
}
.navbar-links ul li a {
padding: .5rem 1rem;
}
.navbar-links.active {
display: flex;
}
}
<!doctype html>
<html lang="en">
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'self';style-src 'self'">
<meta charset="utf-8">
<title>Shop</title>
<base href="/">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="icon" type="image/x-icon" href="favicon.ico">
</head>
<body>
<app-root></app-root>
</body>
</html>
在添加 header 時,我應用的樣式被破壞了。
添加 'unsafe-inline' 會解決問題,但有沒有更安全或更好的方法呢?
看起來在style-src
指令中避免'unsafe-inline'
是不可能的。 請參閱“建議步驟”中的第 1 段:
- 我們應該清楚 state 允許 Angular 應用程序在 style-src 中允許“unsafe-inline”。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.