CSP errors caused by Drawer

[FunkeyFlo]

Describe the bug

Drawer component causes CSP violations with a strict CSP policy on style-src-attr.

This is caused due to the component using the setAttribute function from primeuix to set styling.

This is done at the lines:

• primeng/packages/primeng/src/drawer/drawer.ts

  Line 393 in 1d97c85

  setAttribute(this.mask, 'style', this.getMaskStyle());

• primeng/packages/primeng/src/drawer/drawer.ts

  Line 394 in 1d97c85

  setAttribute(this.mask, 'style', `z-index: ${zIndex}`);

Example of valid/invalid usage

// invalid usage: which causes csp violation
document.querySelector("div").setAttribute("style", "display:none;");

// proper usage
document.querySelector("div").style.cssText = "display:none;";

There don't seem to be any other usages in the project that use setAttribute to influence styling.

Pull Request Link

No response

Reason for not contributing a PR

• Lack of time
• Unsure how to implement the fix/feature
• Difficulty understanding the codebase
• Other

Other Reason

I'm not sure if you prefer to change the inner working of primeuix setAttribute to detect styling usage or wether you just want to change these two invocations.

Reproducer

https://stackblitz.com/edit/github-l9aakal4?file=src%2Findex.html

Environment

Angular version

20

PrimeNG version

v20

Node version

24.4.1

Browser(s)

Edge 140

Steps to reproduce the behavior

1. Add style-src-attr 'self' to CSP policy. (meta tag or header)
2. Open a drawer component in your browser
3. Check (browser) console for CSP errors.

Expected behavior

Component shouldn't cause CSP errors.

[SoyDiego]

I have the same problem. I tried to modify the lines adding in the code:

this.mask.style.cssText = this.getMaskStyle();
this.mask.style.zIndex = String(zIndex);

And I compiled the library manually and I replaced the primeng folder in my node_modules but doesn't work.

Any idea @FunkeyFlo?

thanks

[SoyDiego]

Any help here @cetincakiroglu @cagataycivici @mertsincan?
If I need to the modifications in primeuix maybe I can help but maybe you can tell me how can I tested it or compile the library and use in my project because I don't know.

Thanks

[github-actions]

This issue has been automatically marked as stale due to a lack of activity. If this issue is still relevant to you, please leave a comment so we can keep it open. We apologize for not being able to prioritize it sooner. If you have any new information or questions, please share them in your comment!