CSP for Twind: Copy-Paste Policies That Actually Work
Twind is great when you want Tailwind-style utilities without a build step. The CSP story is where things get annoying. The problem is simple: Twind often injects CSS at runtime using a <style> tag. CSP hates that unless you explicitly allow it. If you try to run Twind under a strict policy without planning for style injection, your app looks broken fast. This guide is the practical version: what breaks, what policy you need, and the least-painful ways to make Twind work. ...