inline javascript does not comply Content Security Policies
Closed this issue · 5 comments
oupala commented
apaxy homepage contains some inline javascript (see these lines).
Content Security Policy encourage to move inline javascript into a separate javascript file and not to use script-src 'unsafe-inline'
.
apaxy should move inline javascript into a separate javascript file.
oupala commented
By the way, I wonder what it this javascript useful for?
Everything seems to work even without this piece of javascript. Am I missing a specific feature?
oupala commented
Are you willing to merge this request or not?
Is there a problem with my code? Should I improve it in a specific way?
oupala commented
You're right!