368 questions
0 votes, 2 answers, 83 views
CSP - Possible to have GTM without unsafe-inline?
I have to secure a checkout that includes a nonce-aware GTM script code:
<script nonce="eWp5ejMyZjFiZDRzMzBwZjc1M3dhYXdpNHRnM3RoNjc=">(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm....
0 votes, 1 answer, 60 views
Sinatra app Content Security Policy nonce for inline script not working
In my very simple Sinatra app I have a home page on which there is a form which needs to be submitted through AJAX and the HAML template needs to execute some JS code. And I need to set the Content-...
3 votes, 1 answer, 285 views
Static styles injected by Angular during build time causes CSP violation
I am working on an Angular 18 project. My org has a strict CSP policy and no unsafe-inline is allowed.
As documented by Angular here, while rendering the index.html, I generate a nonce per request ...
1 vote, 0 answers, 106 views
ContentSecurityPolicy for script set to nonce but Ajax request not executing JavaScript response despite identical nonce
In my web app (based on Hanami 2.2) I have ContentSecurityPolicy enabled to allow inline scripts to run using the nonce strategy
config/app.rb
config.actions.content_security_policy[:script_src] = "'...
-2 votes, 1 answer, 206 views
How do I use Rust to verify a Solana signature?
I made a signature on Solana
solana verify-offchain-signature --signer DR2BCjL1yX5HnuTSYVMeRY5tsHd8ZJZz2vFf5zs5aYop "55f04639-d058-407a-8b38-7df7b20b39a0" ...
0 votes, 1 answer, 199 views
Nonce not working in browser even though it is set in policy and script
The nonce doesn't seem to work anywhere. Currently we cut out everything that could make problems, since of course it should be generated, but now it is just static for testing purposes.
Our content ...
0 votes, 0 answers, 79 views
Angular Material Icons Not Loading When CSP with Nonce is Applied — Fonts Blocked from style.css
I'm using Angular 12 with Content Security Policy (CSP) headers in place, including a nonce for script-src and style-src.
The app loads correctly except for Angular Material icons, which appear broken....
1 vote, 1 answer, 78 views
Generating a nonce for a Chrome Web Extension
We are trying to generate a nonce for a chrome web extension so that we can run content scripts within an HTML that communicates with an onscreen popup. We have been hit with security errors when ...
2 votes, 1 answer, 368 views
Angular 18.2 with strict CSP (nonces) is not injecting the ngCspMedia script into index.html
I have an Angular v. 18.2 app. It uses nonces for strict Content-Security-Policy. It is built and deployed in Jenkins. It was working fine until about a few weeks ago (not sure of the exact date of ...
0 votes, 2 answers, 94 views
Fullcalendar.io not working with CSP nonce on Safari browser
I am using FullCalendar.io in my ASP.NET Core web app. Also I have set up CSP with NetEscapades.AspNetCore.SecurityHeaders.
Here are the definitions:
policy.AddContentSecurityPolicy(builder =>
{
...
0 votes, 0 answers, 100 views
Google OAuth2: Custom Nonce Parameter Not Passed Back in Redirect
I'm working on integrating Google OAuth2 into a WordPress plugin and trying to secure the authorization flow using a custom nonce parameter. Here’s what I’ve done:
1. Generated the nonce and added it ...
0 votes, 1 answer, 596 views
Angular AG Grid - Content Security Policy (CSP) Nonce
While applying CSP nonce for scripts and styles, I ran into a problem for ag-grid (https://www.ag-grid.com/).
I followed the approach mentioned in the Angular CSP documentation (https://angular.dev/best-...
0 votes, 1 answer, 1k views
Seeking an approach to set ngCSPNonce or CSP_NONCE in Angular 18 for Angular Web Components/Custom elements?
I have written an Angular custom element like below
customElements.define('my-comp', createCustomElement(BasicComponent, config));
and will provide as js file after build using npm run build-elements ...
0 votes, 0 answers, 841 views
How to automatically add the nonce attribute for inline scripts and styles?
I'm using Rails 6.1.7 and trying to configure CSP in my application. I already have the file content_security_policy.rb configured:
Rails.application.config.content_security_policy do |policy|
...
1 vote, 0 answers, 440 views
Why is the ssl_session_id being regenerated for some requests and reused for others in nginx?
I have containerized and deployed my Angular app to nginx. I want to send a Content-Security-Policy header with a nonce. I am using $ssl_session_id for the nonce from nginx.
I am able to pass the ...