The 'CSP: style-src unsafe-inline' vulnerability indicates that application's Content Security Policy allows the use of inline styles, which can be exploited by attackers. Is there a way to avoid 'CSP: style-src unsafe-inline' with brightcove player?
Hi
Hope you are doing excellent today,
I appreciate you using BrightSpot to share your question.
I will be contacting you in private message, as we need additional information to follow up on your request.
Thank you!
Hi
Hope this and Perla’s response was helpful.
Hi
Thank you for checking this and for the suggestion. Generating the hash requires some manual work on our end after a new player updates, I'd like to avoid this if possible. I think it would be good to have a separate file for CSS and a separate one for JS, this would solve the CSP problem. Not sure if anyone has implemented it so far.
Hi
Reply
Login to the community
No account yet? Create an account
Brightcove Employee Login
LOGIN VIA OKTAEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.