- Help Center
- Consent Notices (old flow)
- Customization
-
Consent notice creation
-
Compliance report
-
Preference Management Platform
-
Privacy Request
-
IAB TCF
-
Analytics
-
Integrations
-
Lexicon
-
Legal Requirements
-
Release notes
-
Privacy Center and Data Processing
-
Agnostik - Facettes
-
Use cases
-
FAQ
-
Versions & Proofs
-
Login & Security
-
Video tutorials
-
Privacy Hub widget
-
Consent Notices (old flow)
Restricted CSS expressions
Restricted CSS expressions in the Custom CSS field of Web consent notices
⚙️ What CSS expressions are not allowed in custom CSS?
When configuring custom CSS on your consent notice from the Didomi Console, the following expressions are not allowed:
- url()
- @import()
- @charset()
- expression()
- -moz-binding
- javascript
If one of the listed expressions is used, the Console will prevent you from saving or publishing your consent notice and an error message will be displayed.
You will not be able to save or publish your consent notice until you remove the expression that is not allowed.
⚙️ Why are CSS expressions not allowed?
We restrict the acceptable CSS expressions in custom CSS for security reasons.
Expressions that load external resources or execute JavaScript can be used to execute code on a webpage. To ensure that the Didomi Console cannot be used for cross-site scripting (XSS), those expressions are blocked.
If you absolutely need those expressions for your custom CSS, you can set them directly on your website and not through the Didomi Console.