tiradoe/movie-night-nuevo
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

nonce updates for livewire

Browse source
This commit is contained in:
Edward Tirado Jr 2025-12-14 23:17:17 -06:00
parent 844097ecf0
commit 8167c3a3e7
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
app/Http/Middleware/AddContentSecurityPolicy.php
View file

@ -24,8 +24,9 @@ class AddContentSecurityPolicy
"style-src 'self' 'unsafe-inline' http: https:; " . "style-src 'self' 'unsafe-inline' http: https:; " .
"connect-src 'self' ws: http: https:;"; "connect-src 'self' ws: http: https:;";
} else { } else {
// Production CSP - Livewire v3 requires unsafe-eval // Production CSP - Livewire v3 requires unsafe-eval and nonce for inline scripts
$csp = "script-src 'self' 'unsafe-eval' https:; " . $nonce = csp_nonce();
$csp = "script-src 'self' 'unsafe-eval' 'nonce-{$nonce}' https:; " .
"style-src 'self' 'unsafe-inline' https:; " . "style-src 'self' 'unsafe-inline' https:; " .
"connect-src 'self' https:;"; "connect-src 'self' https:;";
} }