Non-inline syntax highlighting for CSP security headers

Hi, I just ran into an issue with my site wasn’t working how I expected when deployed vs locally. This is because I set a strict Content Security Policy header, that disallows inline style/scripts. I understand that this is sort of a choice that I make, but it’s actually a very good practice. Plus, some people may not be able to control the headers, depending on how their site is hosted, so I think it would be beneficial to allow this is an option.

The solution would be to perform the highlighting in a style sheet that gets loaded. I noticed that it was mentioned how having everything inlined makes it “faster”, but I think it would also be worthwhile to implement this.

I am happy to take a look at implementing this, but I’d like to get feedback on this and see if it’s worth the effort. Also, happy to open an issue if GH is the preferred forum. Thanks!

It already exists, see Syntax Highlighting | Zola

Hey, sorry, I’m not sure how I missed that the first time. Got it all set up, thanks.