search

julienbourdeau / debugbar

Powerful devtools for Ruby on Rails. Inspired by the Laravel Debugbar.
https://debugbar.dev
MIT License
487 stars 8 forks source link

Allow nonce to be set for debugbar_body #38

Closed trevorrjohn closed 5 months ago

trevorrjohn commented 6 months ago

Allow nonce to be set for content security policies

trevorrjohn commented 6 months ago

@julienbourdeau any thoughts on this?

tsvallender commented 6 months ago

Just gone to try this gem for the first time and hit CSP issues—this would be a big help

trevorrjohn commented 6 months ago

Hey @julienbourdeau just wanted to ask again if you had any questions or feedback on this change.

julienbourdeau commented 6 months ago

Hi @trevorrjohn I'm really sorry for the delay. I don't see any reason not to merge it. I'll merge and release it this weekend 🙏

trevorrjohn commented 5 months ago

Hey @julienbourdeau sorry to bother again. I know you have a lot going on, but I didn't want this to get dropped.

julienbourdeau commented 5 months ago

Hey @trevorrjohn Sorry again for the delay! I just published 0.3.3 with this fix https://github.com/julienbourdeau/debugbar/commit/6df7e2ebfda55b529f59e22e36bafdfc9adbc945

pas256 commented 4 months ago

@trevorrjohn What did you have to do to get the nonce set? I might be doing something wrong, but what I see is:

<script type="text/javascript" data-turbo-permanent nonce="">
  window._debugbarConfigOptions = {"cable":{"url":"...
</script>