mirror_css/bootstrap
1
0
Fork 0
mirror of https://github.com/twbs/bootstrap.git synced 2025-08-29 16:19:53 +02:00
Code Issues Releases Wiki Activity

Document how to extract CSS, SVG for strict CSP (#36587)

Browse Source 
* Webpack: explain how to extract CSS from bundle

* Webpack: explain how to extract SVG from bundle

* Update webpack.md

Co-authored-by: Mark Otto <otto@github.com>
This commit is contained in:
charlesroelli
2022-09-01 21:14:07 +02:00
committed by GitHub
parent b5f2d5a31e
commit 4f97d8fabd
2 changed files with 88 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
site/content/docs/5.2/customize/overview.md
View File

@@ -48,4 +48,4 @@ Several Bootstrap components include embedded SVGs in our CSS to style component
- [Navbar toggle buttons]({{< docsref "/components/navbar#responsive-behaviors" >}})
- [Select menus]({{< docsref "/forms/select" >}})
Based on [community conversation](https://github.com/twbs/bootstrap/issues/25394), some options for addressing this in your own codebase include replacing the URLs with locally hosted assets, removing the images and using inline images (not possible in all components), and modifying your CSP. Our recommendation is to carefully review your own security policies and decide on the best path forward, if necessary.
Based on [community conversation](https://github.com/twbs/bootstrap/issues/25394), some options for addressing this in your own codebase include [replacing the URLs with locally hosted assets]({{< docsref "/getting-started/webpack#extracting-svg-files" >}}), removing the images and using inline images (not possible in all components), and modifying your CSP. Our recommendation is to carefully review your own security policies and decide on the best path forward, if necessary.