denoland / fresh

The next-gen web framework.
https://fresh.deno.dev
MIT License

CSP nonce issue? #2376

Closed adamgreg closed 5 months ago

adamgreg commented 5 months ago

Hi @marvinhagemeister,

I just saw https://github.com/denoland/fresh/pull/2323, and I'm not sure it's right for the case where CSP is enabled.

A couple of lines above, where the nonce variable is created, it is missing the closing quote. Previously this was then provided within the bodyHtml string itself, but now it doesn't look like it will be.

https://github.com/denoland/fresh/blob/8187189037836716c5a03bff30b885a831b828a6/src/server/rendering/fresh_tags.tsx#L172
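
A regression check for the failure mode described above (a `nonce` attribute emitted without its closing quote), as an added example that is not part of the original issue and is not Fresh's code. The function names, the nonce value and the HTML samples are constructed for illustration.

```typescript
// Added example. The nonce value and HTML samples are constructed for
// illustration; this is not Fresh's rendering code.
interface NonceFinding { tag: string; problem: string }

// Extract the nonce advertised by the script-src directive of a CSP header.
function cspScriptNonce(csp: string): string | null {
  for (const directive of csp.split(";")) {
    const parts = directive.trim().split(/\s+/);
    if ((parts[0] ?? "").toLowerCase() !== "script-src") continue;
    for (const src of parts.slice(1)) {
      const m = /^'nonce-([A-Za-z0-9+\/_=-]+)'$/.exec(src);
      if (m) return m[1] ?? null;
    }
  }
  return null;
}

// Audit every <script> start tag in rendered HTML against the header nonce.
// Simplification: a start tag is taken to end at the first ">".
function auditScriptNonces(html: string, csp: string): NonceFinding[] {
  const expected = cspScriptNonce(csp);
  if (expected === null) {
    return [{ tag: "(header)", problem: "no script-src nonce in CSP" }];
  }
  const findings: NonceFinding[] = [];
  const tagRe = /<script\b[^>]*>/gi;
  let t: RegExpExecArray | null;
  while ((t = tagRe.exec(html)) !== null) {
    const tag = t[0];
    // Group 1: double-quoted, group 2: single-quoted, group 3: unquoted.
    const a = /\snonce=(?:"([^"]*)"|'([^']*)'|([^\s>]*))/i.exec(tag);
    if (a === null) {
      findings.push({ tag, problem: "missing nonce attribute" });
    } else if (a[3] !== undefined && /^["']/.test(a[3])) {
      // An opening quote with no matching close inside the tag.
      findings.push({ tag, problem: "unterminated nonce quote" });
    } else if ((a[1] ?? a[2] ?? a[3]) !== expected) {
      findings.push({ tag, problem: "nonce does not match CSP header" });
    }
  }
  return findings;
}
```

Run against a rendered page and its `Content-Security-Policy` header in a server test, an empty result means every script tag carries a well-formed nonce that matches the header.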