This pull request adds a new :csp_nonce_assign_key option to the error_tracker_dashboard/2 macro. If provided, the error tracker will fetch the nonce from the given assign key and use it in the <style> and <script> tags.
This allows using the ErrorTracker dashboard in environments with a restricted content security policy without requiring the usage of unsafe-inline, which should be avoided.
This pull request adds a new
:csp_nonce_assign_keyoption to theerror_tracker_dashboard/2macro. If provided, the error tracker will fetch the nonce from the given assign key and use it in the<style>and<script>tags.This allows using the ErrorTracker dashboard in environments with a restricted content security policy without requiring the usage of
unsafe-inline, which should be avoided.This implementation is based on the Phoenix LiveDashboard one.
I've updated the
dev.exsscript to use CSP headers. If we remove the new option we will see that the ErrorTracker dashboard doesn't have any styles.Closes #58