inline javascript does not comply Content Security Policies

Question

Closed this issue 6 years ago · 5 comments

apaxy homepage contains some inline javascript (see these lines).

Content Security Policy encourage to move inline javascript into a separate javascript file and not to use script-src 'unsafe-inline'.

apaxy should move inline javascript into a separate javascript file.

Answer 1 · 2017-01-15T23:05:24.000Z

I created a pull request about that into #84

Answer 2 · 2017-01-15T23:13:04.000Z

By the way, I wonder what it this javascript useful for?

Everything seems to work even without this piece of javascript. Am I missing a specific feature?

Answer 3 · 2017-04-28T16:08:32.000Z

Are you willing to merge this request or not?

Is there a problem with my code? Should I improve it in a specific way?

Answer 4 · 2018-02-20T02:49:03.000Z

@oupala Can this be closed now that the pull was merged?

Answer 5 · 2018-02-20T16:54:57.000Z

You're right!