Hi

CSP is now the expected security standard to prevent XSS attacks.

https://blog.astrid-guenther.de/en/cassiopeia/10content-security-policy-joomla4/

Would it be possible for page builder pro to check if httpheaders has nonce enabled and put this code into the <style type="text/css"> tag

It works for javascript as this gets added using the joomla API, but not for the inline CSS.

Thanks, Marius