I am working on an Angular 14 project where I need to comply with a strict Content Security Policy (CSP) that includes the directive "style-src 'self'". This means I cannot have any inline-styles in my application.
How can I completely remove inline styles to ensure that I can use style src 'self' in my CSP? Is there any additional configuration or workaround needed to prevent Angular from inlining styles?
I cannot use ngCspNonce here as it is not supported in Angular version 14.
I tried setting the 'inlineCritical' option to 'false' in the angular.json file under the build configurations, expecting it to remove the inline styles.
`"build": { "configurations": { "optimization": { "scripts": true, "styles": { "minify": true, "inlineCritical": false } }, "outputHashing": "all", "sourceMap": false, "namedChunks": false, "extractLicenses": true, "vendorChunk": false, "buildOptimizer": true, } }` 
Top comments (0)