-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Utterances Requires inline-script CSP Access #898
Comments
Actually, we might be able to revert back to the original code altogether. That's what I did in my site, and take a look: Changing the theme from light to dark works just fine for utterances. https://www.micah.soy/posts/introduction-to-cryptography-blade-runner-style/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the problem:
Commit 9ea82c5 change Utterances script load logic to support changing between light and dark modes. However, this uses an inline script. This inline script will not execute unless the site's Content Security Policy allows
inline-script
, which is generally not considered a good idea.Steps to reproduce:
inline-script
accessOne possible workaround might be to load this as an external script, using whatever Hugo uses for generating the integrity values on script elements.
The text was updated successfully, but these errors were encountered: