After running into too many issues getting strict inline styles to work, I've decided to use unsafe-inline for style-src.

I have configured 'style-src': ['self', 'unsafe-inline'] in the directives, but in production the style-src still contains a nonce which disables unsafe-inline.

It seems the only way to prevent this from happening is to remove the gsspWithNonce wrapper from my pages, but I do need the nonce for script-src.

Is there a way to keep using a nonce for script-src, while being allowed to use unsafe-inline for style-src? I have dug through the code and issues but unfortunately came up empty.

edit: Turns out the reason why my strict inline styles were failing is caused by another issue: Routing & Nonce Required #77