
BEST PRACTICE FOR CODING

Best Practice For CSP Coding Guide


 

Avoid "Unsafe Inline" (CSS)

Don't do this ❌

Avoid inline styling.

<div class="wrapper" style="overflow:hidden;background: #ffffff; ">

Do this ✔

Either move the CSS into a separate file and include it with a link tag, or use a style tag with a nonce.

## on php editor
// Inside a heredoc, variables are interpolated directly; no quote-and-dot concatenation.
echo <<<HTML
<style nonce="{$nonce}">
    .wrapper-1 {
        overflow:hidden;background: #ffffff;
    }
</style>
<div class="wrapper wrapper-1" >
HTML;


## on html editor
<style nonce="{{nonce}}">
    .wrapper-1 {
        overflow:hidden;background: #ffffff;   
    }
</style>
<div class="wrapper wrapper-1" >

 

Avoid "Unsafe Inline" (JavaScript)

Don't do this ❌

Avoid inline script.

<script>
       $(window).on("load", function() {});
</script>

Do this ✔

Either move the script into a separate file and include it, or use a script tag with a nonce.

## on php editor
// Inside a heredoc, variables are interpolated directly; no quote-and-dot concatenation.
echo <<<SCRIPT
<script nonce="{$nonce}">
       $(window).on("load", function() {});
</script>
SCRIPT;

## on html editor
<script nonce="{{nonce}}">
       $(window).on("load", function() {});
</script>
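
The nonce used in the CSS and JavaScript snippets above has to be generated fresh for every response and announced in the Content-Security-Policy header, and it only covers `<style>` and `<script>` elements, not `style=""` attributes or `on*` handlers. The following is an added example, not code from the original guide: the function names, the sample policy with `'self'` and the constructed HTML strings are assumptions, and it needs PHP 7+ with the DOM extension.

```php
<?php
// Added example: csp_nonce, csp_header and csp_violations are hypothetical names.

// One fresh, unpredictable nonce per HTTP response; never reuse or hard-code it.
function csp_nonce(): string {
    return base64_encode(random_bytes(16));
}

// Illustrative policy: only nonce-carrying inline <script>/<style> may run,
// so 'unsafe-inline' is not needed.
function csp_header(string $nonce): string {
    return "Content-Security-Policy: default-src 'self'; "
         . "script-src 'self' 'nonce-{$nonce}'; style-src 'self' 'nonce-{$nonce}'";
}

// List the markup in $html that the policy above would block.
function csp_violations(string $html, string $nonce): array {
    $doc = new DOMDocument();
    @$doc->loadHTML($html, LIBXML_NOERROR | LIBXML_NOWARNING);
    $found = [];
    foreach ($doc->getElementsByTagName('*') as $el) {
        $tag = $el->nodeName;
        // Inline <script>/<style> must carry the current response's nonce.
        if (($tag === 'style' || ($tag === 'script' && !$el->hasAttribute('src')))
            && $el->getAttribute('nonce') !== $nonce) {
            $found[] = "<{$tag}> without matching nonce";
        }
        foreach ($el->attributes as $attr) {
            // A nonce does not cover style="" attributes or on* event handlers.
            if ($attr->name === 'style' || strpos($attr->name, 'on') === 0) {
                $found[] = "<{$tag}> has inline {$attr->name} attribute";
            }
        }
    }
    return $found;
}

$nonce = csp_nonce();
if (PHP_SAPI !== 'cli') { header(csp_header($nonce)); } // must precede any output

// Constructed sample markup mirroring the guide's "do" and "don't" snippets.
$safe = htmlspecialchars($nonce, ENT_QUOTES);
$good = "<style nonce=\"{$safe}\">.wrapper-1{overflow:hidden;background:#ffffff;}</style>"
      . "<div class=\"wrapper wrapper-1\"></div>";
$bad  = '<div class="wrapper" style="overflow:hidden;background: #ffffff; "></div>';

print_r(csp_violations($good, $nonce));
print_r(csp_violations($bad, $nonce));
```

Running `csp_violations` over rendered templates in a test suite catches leftover inline styles and handlers before the policy is enforced in production.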