Gibt es eine Möglichkeit bei dem http-header Plugin CSP so zu konfigurieren, dass folgender Quellcode in meiner HTML Seite nicht durch CSP blockiert wird?
<a href="#" onclick="Joomla.tableOrdering('a.title','asc','', document.getElementById('adminForm'));return false;" class="hasPopover" title="Titel" data-bs-content="Klicken, um nach dieser Spalte zu sortieren" data-bs-placement="top">Titel</a></th>
Folgende Meldung erscheint bei mir im Browser:
Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'sha256-hmMEB4F3qKwyT8K+qgB1+j+6OoiUOau5sIUZXCKy00I=' 'sha256-9uyDyXmtJBebsdn2MVXC/u/kOqV26Bj4InOMEH3NduI=' 'sha256-riby8x3MzLeY13IXpDUXA8uRDFlKZDw2coXeg5RioNw=' 'sha256-kkk7UFPifaxTsPMWjNthrrI8chzhf/A6JwZQIx2OWZQ=' 'sha256-Db02/d+QXbmQoiQWl1CWO1n/P5jzxK/cCCG2E+3Du/E=' 'sha256-uTzJbXT2OZ+i3brZpQRtX2ljvF20kooh0+xj8UqVmkg=' 'sha256-kpTl046LhNAq9+OLhMuMFLvmcshIDJh0gckdiNx4mTg=' 'sha256-wHgXkjx9JbmdiTCnfAVg8RuIHIFGjYD+9PCmQUEi/QI=' 'sha256-0hqKmZ4MbwnBZru2vULlbQNjT/nTkuA03ZyzU2Ma3uo=' 'sha256-/2mjxHM5fooVdHxefck4LDhZ5wX23qiZZ+iEXEEYUsE=' 'sha256-iSiXTnKxB14GOEuFVWDM9h4iFmiWBY8HZMK5ntHz+bs=' 'sha256-JpEJvERr7rpBCFaFf4miiP4dkFqrxGd5H0AgkCb5ZQg=' 'sha256-Zk/Yu9AbwnGwUQH7ojsjjJRuuSpnEzOFL70VJq2Pnbs=' 'sha256-UZzUZxjcSjpOj8hQzu/k2m4CVfafH5PLSwEmGC/8huI=' 'sha256-C0yqH6ZxP/7Bz3OnkH1Hh+QQq2v/mMnI4HBQ8kv/8Do=' 'sha256-wiBZL5Mf8qnRAj4L/TDAAI4ILhhVmPfjg1rTB9mb6EY=' 'sha256-s5hcciyMX0W9lpHiZO/6ridFt6g10oqPKrtQ46daJs0=' 'sha256-2vuER6Lq6jFCOOUH+wOYB/miOC1d12UeUj6eUItHeDo=' 'sha256-9bVGpM8Osg/eKTKibjtv7Mh9IbkD/ul8hf9BX8RydHI=' 'sha256-8KNovAql8ptxdCCSjKqHVJO1jLg3lJ9P+w4H211PJB0=' 'sha256-IZ55lKr0UJxotWYdztmHiAYh3cSoU9XsK6KKIRgUPyk=' 'sha256-cMHdua5T1nBK2UWIbCEQsoz/eG73vbCp+YXBdjlokVI=' 'sha256-E1V8nFo6D7tomecnJtjLKwx4FHn/YNKFSZrFst0Zw54=' 'sha256-IZ55lKr0UJxotWYdztmHiAYh3cSoU9XsK6KKIRgUPyk=' 'sha256-cMHdua5T1nBK2UWIbCEQsoz/eG73vbCp+YXBdjlokVI=' 'sha256-qwQ9tfNIe2D55Me+TzkXJCffauS1L+E4CJ4s4r5/AAY=' 'sha256-8YOYIdSiFF9svc65gS9B72qsI8nOp8Y/tMonc+gKdQw=' 'sha256-iF6Nkq0YYga6Gefe2TzSEQ0NEdV3OGbD3BksnxT71mQ=' 'sha256-aRXC8Xk+yedBLMtvedNUQRZny1J6hGnifNuENpA5N2I=' 'sha256-aRXC8Xk+yedBLMtvedNUQRZny1J6hGnifNuENpA5N2I=' 'self' https://connect.facebook.net/de_DE/ https://platform.linkedin.com/ https://platform.twitter.com/ https://www.google-analytics.com https://www.googletagmanager.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://freetools.seobility.ne…check/friededenhuetten.de https://www.googletagmanager.com/gtag/". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.