CSP fix inline styles - Refused to load the stylesheet

[schlos]

Laddr: v2

Chrome console:

o9pIGdlOpMNT_fu0Z0d6ndhLjpY.js:338 Refused to load the stylesheet 'data:text/css;charset=utf-8;base64,QGltcG9ydCB1cmwoaHR0cHM6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M/ZmFtaWx5PU1vbnRzZXJyYXQ6NDAwLDcwMCk7CmNsb3VkZmxhcmUtYXBwW2FwcD0iZmxhc2hjYXJkIl0gewogIC13ZWJraXQtZm9udC1zbW9vdGhpbmc6IGFudGlhbGlhc2VkOwogIGJhY2tncm91bmQtY29sb3I6ICNmZmY7CiAgY29sb3I6ICM0NDQ7CiAgZGlzcGxheTogZmxleDsKICBmbGV4LWZsb3c6IGNvbHVtbjsKICBmb250LWZhbWlseTogTW9udHNlcnJhdCwgc2Fucy1zZXJpZjsKICBmb250LXNpemU6IDE0cHg7CiAgZm9udC13ZWlnaHQ6IDQwMDsKICBtYXgtd2lkdGg6IDEwMCU7CiAgbWluLWhlaWdodDogNzBweDsKICBwYWRkaW5nOiAyMHB4...VyZC10aGVtZS1kZWZhdWx0IHsKICBkaXNwbGF5OiBpbmxpbmUtYmxvY2s7CiAgdmVydGljYWwtYWxpZ246IG1pZGRsZTsKICAqdmVydGljYWwtYWxpZ246IGF1dG87CiAgKnpvb206IDE7CiAgKmRpc3BsYXk6IGlubGluZTsKICBib3JkZXItcmFkaXVzOiAzcHg7CiAgY3Vyc29yOiBwb2ludGVyOwogIGJvcmRlcjogMDsKICBtYXJnaW46IDAgLjVlbSAwIDA7CiAgZm9udC1mYW1pbHk6IGluaGVyaXQ7CiAgdGV4dC10cmFuc2Zvcm06IHVwcGVyY2FzZTsKICBsZXR0ZXItc3BhY2luZzogLjFlbTsKICBmb250LXNpemU6IC44ZW07CiAgbGluZS1oZWlnaHQ6IDFlbTsKICBwYWRkaW5nOiAuNzVlbSAyZW07CiAgYmFja2dyb3VuZDogIzMyODhlNjsKICBjb2xvcjogI2ZmZjsgfQo=' because it violates the following Content Security Policy directive: "style-src 'self' *.codeforcroatia.org fonts.googleapis.com use.fontawesome.com 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.

(anonymous) @ o9pIGdlOpMNT_fu0Z0d6ndhLjpY.js:338

6HXwHfwN6C9LmVio1sG0oCegiDk.js:145 Refused to load the stylesheet 'data:text/css;charset=utf-8;base64,Y2xvdWRmbGFyZS1hcHBbYXBwPSJjb3Zlci1tZXNzYWdlIl0sCmNsb3VkZmxhcmUtYXBwW2FwcD0iY292ZXItbWVzc2FnZSJdICogewogIGJveC1zaXppbmc6IGJvcmRlci1ib3g7Cn0KCmNsb3VkZmxhcmUtYXBwW2FwcD0iY292ZXItbWVzc2FnZSJdIHsKICBib3R0b206IDA7CiAgZGlzcGxheTogbm9uZTsKICBmb250LXNpemU6IDE2cHg7CiAgbGVmdDogMDsKICBwb3NpdGlvbjogZml4ZWQ7CiAgcmlnaHQ6IDA7CiAgdG9wOiAwOwogIHotaW5kZXg6IDEwMDAwOwp9CgpjbG91ZGZsYXJlLWFwcFthcHA9ImNvdmVyLW1lc3NhZ2UiXS5jZi1pbnZhbGlkIGNmLWRpYWxvZy1jb250ZW50LXRpdGxlLApjbG91ZGZsYXJlLWFwcFthcHA9...Vzc2FnZSJdIGlucHV0W3R5cGU9ImVtYWlsIl06Zm9jdXMgewogIG91dGxpbmU6IG5vbmU7Cn0KCmNsb3VkZmxhcmUtYXBwW2FwcD0iY292ZXItbWVzc2FnZSJdIGZvcm0gewogIHdpZHRoOiAxMDAlOwogIG1hcmdpbi10b3A6IDEuNzVlbTsKICAtd2Via2l0LWJveC1hbGlnbjogY2VudGVyOwogICAgICAtbXMtZmxleC1hbGlnbjogY2VudGVyOwogICAgICAgICAgYWxpZ24taXRlbXM6IGNlbnRlcjsKICBkaXNwbGF5OiAtd2Via2l0LWJveDsKICBkaXNwbGF5OiAtbXMtZmxleGJveDsKICBkaXNwbGF5OiBmbGV4OwogIC13ZWJraXQtYm94LXBhY2s6IGVuZDsKICAgICAgLW1zLWZsZXgtcGFjazogZW5kOwogICAgICAgICAganVzdGlmeS1jb250ZW50OiBmbGV4LWVuZDsKfQo=' because it violates the following Content Security Policy directive: "style-src 'self' *.codeforcroatia.org fonts.googleapis.com use.fontawesome.com 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.

(anonymous) @ 6HXwHfwN6C9LmVio1sG0oCegiDk.js:145
codeforcroatia.org/:1 Refused to load the stylesheet 'data:text/css;charset=utf-8;base64,QGltcG9ydCB1cmwoaHR0cHM6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M/ZmFtaWx5PU1vbnRzZXJyYXQ6NDAwLDcwMCk7CmNsb3VkZmxhcmUtYXBwW2FwcD0iZmxhc2hjYXJkIl0gewogIC13ZWJraXQtZm9udC1zbW9vdGhpbmc6IGFudGlhbGlhc2VkOwogIGJhY2tncm91bmQtY29sb3I6ICNmZmY7CiAgY29sb3I6ICM0NDQ7CiAgZGlzcGxheTogZmxleDsKICBmbGV4LWZsb3c6IGNvbHVtbjsKICBmb250LWZhbWlseTogTW9udHNlcnJhdCwgc2Fucy1zZXJpZjsKICBmb250LXNpemU6IDE0cHg7CiAgZm9udC13ZWlnaHQ6IDQwMDsKICBtYXgtd2lkdGg6IDEwMCU7CiAgbWluLWhlaWdodDogNzBweDsKICBwYWRkaW5nOiAyMHB4...VyZC10aGVtZS1kZWZhdWx0IHsKICBkaXNwbGF5OiBpbmxpbmUtYmxvY2s7CiAgdmVydGljYWwtYWxpZ246IG1pZGRsZTsKICAqdmVydGljYWwtYWxpZ246IGF1dG87CiAgKnpvb206IDE7CiAgKmRpc3BsYXk6IGlubGluZTsKICBib3JkZXItcmFkaXVzOiAzcHg7CiAgY3Vyc29yOiBwb2ludGVyOwogIGJvcmRlcjogMDsKICBtYXJnaW46IDAgLjVlbSAwIDA7CiAgZm9udC1mYW1pbHk6IGluaGVyaXQ7CiAgdGV4dC10cmFuc2Zvcm06IHVwcGVyY2FzZTsKICBsZXR0ZXItc3BhY2luZzogLjFlbTsKICBmb250LXNpemU6IC44ZW07CiAgbGluZS1oZWlnaHQ6IDFlbTsKICBwYWRkaW5nOiAuNzVlbSAyZW07CiAgYmFja2dyb3VuZDogIzMyODhlNjsKICBjb2xvcjogI2ZmZjsgfQo=' because it violates the following Content Security Policy directive: "style-src 'self' *.codeforcroatia.org fonts.googleapis.com use.fontawesome.com 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.

codeforcroatia.org/:1 Refused to load the stylesheet 'data:text/css;charset=utf-8;base64,Y2xvdWRmbGFyZS1hcHBbYXBwPSJjb3Zlci1tZXNzYWdlIl0sCmNsb3VkZmxhcmUtYXBwW2FwcD0iY292ZXItbWVzc2FnZSJdICogewogIGJveC1zaXppbmc6IGJvcmRlci1ib3g7Cn0KCmNsb3VkZmxhcmUtYXBwW2FwcD0iY292ZXItbWVzc2FnZSJdIHsKICBib3R0b206IDA7CiAgZGlzcGxheTogbm9uZTsKICBmb250LXNpemU6IDE2cHg7CiAgbGVmdDogMDsKICBwb3NpdGlvbjogZml4ZWQ7CiAgcmlnaHQ6IDA7CiAgdG9wOiAwOwogIHotaW5kZXg6IDEwMDAwOwp9CgpjbG91ZGZsYXJlLWFwcFthcHA9ImNvdmVyLW1lc3NhZ2UiXS5jZi1pbnZhbGlkIGNmLWRpYWxvZy1jb250ZW50LXRpdGxlLApjbG91ZGZsYXJlLWFwcFthcHA9...Vzc2FnZSJdIGlucHV0W3R5cGU9ImVtYWlsIl06Zm9jdXMgewogIG91dGxpbmU6IG5vbmU7Cn0KCmNsb3VkZmxhcmUtYXBwW2FwcD0iY292ZXItbWVzc2FnZSJdIGZvcm0gewogIHdpZHRoOiAxMDAlOwogIG1hcmdpbi10b3A6IDEuNzVlbTsKICAtd2Via2l0LWJveC1hbGlnbjogY2VudGVyOwogICAgICAtbXMtZmxleC1hbGlnbjogY2VudGVyOwogICAgICAgICAgYWxpZ24taXRlbXM6IGNlbnRlcjsKICBkaXNwbGF5OiAtd2Via2l0LWJveDsKICBkaXNwbGF5OiAtbXMtZmxleGJveDsKICBkaXNwbGF5OiBmbGV4OwogIC13ZWJraXQtYm94LXBhY2s6IGVuZDsKICAgICAgLW1zLWZsZXgtcGFjazogZW5kOwogICAgICAgICAganVzdGlmeS1jb250ZW50OiBmbGV4LWVuZDsKfQo=' because it violates the following Content Security Policy directive: "style-src 'self' *.codeforcroatia.org fonts.googleapis.com use.fontawesome.com 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.

Info: https://stackoverflow.com/a/18428346

Todo:

• move inline styles to a dedicated file
• remove 'unsafe-inline' from CSP directive (meta)