emb417
commented
3 weeks ago NextJS Third Parties package doesn't support a nonce, will need a custom implementation.
https://nextjs.org/docs/pages/building-your-application/configuring/content-security-policy
Critical: script-src with 'unsafe-inline' or 'unsafe-eval' and without a nonce found. That's dangerous, don't use it. If you really need one of these unsafe directives, add a nonce.
https://developers.google.com/tag-platform/security/guides/csp