fix: strengthen CSP headers for style (#880)

addons/addon-base-ui/packages/base-ui/src/parts/Login.js

@@ -178,20 +178,6 @@ class Login extends React.Component {
     const renderBrandingLogo = <Image centered src={this.props.assets.images.loginImage} />;
     return (
       <div className="login-form animated fadeIn">
-        {/*
-        Heads up! The styles below are necessary for the correct render of this example.
-        You can do same with CSS, the main idea is that all the elements up to the `Grid`
-        below must have a height of 100%.
-      */}
-        <style>
-          {`
-        body > div#root,
-        body > div#root > div,
-        body > div#root > div > div.login-form {
-          height: 100%;
-        }
-      `}
-        </style>
         <Grid textAlign="center" style={{ height: '100%' }} verticalAlign="middle">
           <Grid.Column style={{ maxWidth: 450 }}>
             <Form

addons/addon-base-ui/packages/base-ui/src/parts/MainLayout.js

@@ -97,7 +97,7 @@ class MainLayout extends React.Component {
         </Menu.Menu>
       </Menu>,
       <div
-        className="fit animated fadeIn"
+        className="mainLayout fit animated fadeIn"
         style={{
           paddingTop: '40px',
           paddingLeft: '84px',

main/solution/edge-lambda/config/infra/cloudformation.yml

@@ -3,17 +3,17 @@ Resources:
   # IAM Role for CloudFront Interceptor Lambda (Lambda@Edge)
   # =============================================================================================
   RoleCloudFrontInterceptor:
-    Type: "AWS::IAM::Role"
+    Type: 'AWS::IAM::Role'
     Properties:
       AssumeRolePolicyDocument:
-        Version: "2012-10-17"
+        Version: '2012-10-17'
         Statement:
           - Effect: Allow
             Principal:
               Service:
                 - lambda.amazonaws.com
                 - edgelambda.amazonaws.com
-            Action: "sts:AssumeRole"
+            Action: 'sts:AssumeRole'
       ManagedPolicyArns:
         - arn:aws:iam::aws:policy/AWSLambdaExecute
         - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
@@ -26,17 +26,17 @@ Resources:
                 - logs:CreateLogGroup
                 - logs:CreateLogStream
                 - logs:PutLogEvents
-              Resource: "arn:aws:logs:*:*:*"
+              Resource: 'arn:aws:logs:*:*:*'
 
   # =============================================================================================
   # CloudFront Interceptor Lambda (Lambda@Edge)
   # =============================================================================================
 
   # Lambda@Edge that intercepts CloudFront response and adds various security headers in the response
   EdgeLambda:
-    Type: "AWS::Lambda::Function"
-    # Avoid to try to delete the Edge Lambda because it raises errors until all associations with Cloudfront are removed. 
-    # Even then, replicas are being automatically deleted only 1 hour after the removal of all associations. 
+    Type: 'AWS::Lambda::Function'
+    # Avoid to try to delete the Edge Lambda because it raises errors until all associations with Cloudfront are removed.
+    # Even then, replicas are being automatically deleted only 1 hour after the removal of all associations.
     # After that, the Edge lambda can be deleted manually at https://console.aws.amazon.com/lambda/home
     DeletionPolicy: Retain
     Properties:
@@ -73,7 +73,7 @@ Resources:
             headers["content-security-policy"] = [
               {
                 key: "Content-Security-Policy",
-                value: `default-src 'none'; connect-src ${connectSrc}; img-src 'self' data:; script-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self' data:`
+                value: `default-src 'none'; connect-src ${connectSrc}; img-src 'self' data:; script-src 'self'; style-src 'strict-dynamic' 'self'; font-src 'self' data:`
               }
             ];