Skip to content

Commit 4d95f3b

Browse files
andreituicuandreituicu
authored
feat: Enable CSP with nonce (#776)
1 parent 76d737d commit 4d95f3b

File tree

2 files changed

+18
-8
lines changed

2 files changed

+18
-8
lines changed

404.html

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2,15 +2,20 @@
22
<html>
33

44
<head>
5+
<meta
6+
http-equiv="Content-Security-Policy"
7+
content="script-src 'nonce-aem' 'strict-dynamic'; base-uri 'self'; object-src 'none';"
8+
move-as-header="true"
9+
>
510
<title>Page not found</title>
6-
<script type="text/javascript">
11+
<script nonce="aem" type="text/javascript">
712
window.isErrorPage = true;
813
window.errorCode = '404';
914
</script>
1015
<meta name="viewport" content="width=device-width, initial-scale=1">
1116
<meta property="og:title" content="Page not found">
12-
<script src="/scripts/scripts.js" type="module" crossorigin="use-credentials"></script>
13-
<script type="module">
17+
<script nonce="aem" src="/scripts/scripts.js" type="module" crossorigin="use-credentials"></script>
18+
<script nonce="aem" type="module">
1419
window.addEventListener('load', () => {
1520
if (document.referrer) {
1621
const { origin, pathname } = new URL(document.referrer);
@@ -26,7 +31,7 @@
2631
}
2732
});
2833
</script>
29-
<script type="module">
34+
<script nonce="aem" type="module">
3035
import { sampleRUM } from '/scripts/lib-franklin.js';
3136
import { applyRedirects } from '/scripts/redirects.js';
3237
await applyRedirects();

head.html

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,11 @@
11
<!-- v7 -->
2+
<meta
3+
http-equiv="Content-Security-Policy"
4+
content="script-src 'nonce-aem' 'strict-dynamic'; base-uri 'self'; object-src 'none';"
5+
move-as-header="true"
6+
>
27
<meta name="viewport" content="width=device-width, initial-scale=1"/>
3-
<script src="/scripts/lib-franklin.js" type="module"></script>
4-
<script src="/scripts/scripts.js" type="module"></script>
5-
<script src="/scripts/indexing-test.js?date=2024-08-16" type="module"></script>
6-
<link rel="stylesheet" href="/styles/styles.css"/>
8+
<script nonce="aem" src="/scripts/lib-franklin.js" type="module"></script>
9+
<script nonce="aem" src="/scripts/scripts.js" type="module"></script>
10+
<script nonce="aem" src="/scripts/indexing-test.js?date=2024-08-16" type="module"></script>
11+
<link rel="stylesheet" href="/styles/styles.css"/>

0 commit comments

Comments
 (0)