rob101
rob101
Why not solve this with a Middleware class? E.g. assuming you are using django-csp to generate a nonce, you could follow something like this with BS4 to add attributes to...
@gasman XSS is usually client side isn't it, typically a browser side script injection? The middleware runs before DOM load so bad actor script tags would not be caught, unless...
I think the best option is to subclass ModelForm: ``` class TenantModelForm(forms.ModelForm): def __init__(self, *args, **kwargs): kwargs.setdefault('label_suffix', '') super().__init__(*args, **kwargs) tenant = get_current_tenant() if tenant: for field in self.fields.values(): if...
> * Apply an **absolute** width to the flex container, e.g.: `.row {width: 20cm}` > This isn't a good one -- 20cm, huh? > * Hide the (superfluent?) `max-width` from...
Possibly a regression of https://github.com/Riverside-Healthcare/djLint/issues/756
I have submitted a PR https://github.com/citusdata/django-multitenant/pull/217
This issue occurs when mutations.js finds an existing inline style but doesn't reapply the nonce: 
@mydea FWIW this is probably affecting anyone using popperjs/floatUI or any nonce-safe script that injects inline style (e.g. Boostrap, etc). When the style is injected into the DOM, sentry will...
@billyvg is a fix planned for this / a workaround now available? thanks