Support Marker Embed with Strict CSP (no `unsafe-inline`)
Joe Scanlon
Feature Overview
- Allow teams to embed Marker.io on sites that use a strict Content Security Policy (CSP) without requiring unsafe-inlineinstyle-src.
- This would make it possible to use Marker.io while keeping strong security rules in place.
Use Case
- Some customers use strict CSP to meet security standards. Right now, Marker.io requires unsafe-inlinefor styles, which blocks these teams from using the embed.
- Nonce or hash-based alternatives aren’t supported at the moment.
Log In