Open
Conversation
sbreker
requested changes
Mar 4, 2026
Member
sbreker
left a comment
sbreker
left a comment
There was a problem hiding this comment.
Hi Mel - It is a great idea to update this documentation and link to CSP. I have added a couple comments:
- it is possible to still use styles and scripts with static pages, they must be signed with a nonce however.
- it would be good to add a link to the CSP page.
melaniekung
force-pushed
the
dev/csp-static
branch
from
59934e3 to
b1f55a0
Compare
anvit
approved these changes
Mar 10, 2026
melaniekung
force-pushed
the
dev/csp-static
branch
from
b1f55a0 to
d5271c9
Compare
sbreker
requested changes
Mar 31, 2026
| ------------------ | ||
|
|
||
| You can add styled boxes around text by wrapping content in the HTML ``<div>`` | ||
| element, and then using inline CSS to modify the |
Member
There was a problem hiding this comment.
I think this section is still demonstrating using inline styles. Can these examples be reworked with BS5 styling?
sbreker
reviewed
Mar 31, 2026
| AtoM now enforces a :ref:`security-csp-headers` across the application. | ||
| As a result, inline CSS styles within static page content will no longer | ||
| be applied. Consider using Markdown formatting or BS5 classes instead where | ||
| styling is required. |
Member
There was a problem hiding this comment.
Should we add something to the effect of "CSP can be disabled which would allow inline scripts and styles to be used in static pages, but this is not recommended."?
melaniekung
force-pushed
the
dev/csp-static
branch
from
450b99d to
bf1f0c7
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.