phrase / phraseapp-in-context-editor-ruby

Phrase In-Context-Editor for use with Ruby/Rails applications
https://phrase.com
MIT License

add nonce to load_in_context_editor #75

Status: Closed (closed by rocket-turtle 1 month ago)

rocket-turtle commented 4 months ago

Would it be possible to add a nonce config for load_in_context_editor so that it is possible to use this gem with CSP?

https://github.com/phrase/phraseapp-in-context-editor-ruby/blob/master/lib/phraseapp-in-context-editor-ruby/view_helpers.rb

Varpuspaavi commented 4 months ago

@rocket-turtle Yes, this sounds like a good idea. We should also add this for the other integrations. cc. @itsahsiao

We will try to look into this soon 🙏

itsahsiao commented 4 months ago

@rocket-turtle Thanks for raising this. We've added this to our roadmap and will take a look. cc: @Varpusparvi

github-actions[bot] commented 3 months ago

Hey! This issue is still open, but there hasn't been any activity for a month now, so we will be marking this issue as stale and closing it in a week if it's still inactive.

itsahsiao commented 3 months ago

Sorry for the automated message. We do have this task on our roadmap and will provide an update once we work on it.

itsahsiao commented 2 months ago

@rocket-turtle As an update, our developer has worked on adding nonce support and opened this PR. We should have the changes soon and once merged, we will let you know so you can test it out!

Varpuspaavi commented 2 months ago

@rocket-turtle Version 3.2.0 should automatically add nonce to the script through content_security_policy_nonce. Readme was updated with some details.

Hopefully this works for you :)

rocket-turtle commented 1 month ago

Thank you. That looks promising.
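
Why the nonce requested in this thread matters under CSP, as an added example that is not part of the thread or the gem's code: an inline script is only executed when its `nonce` attribute matches the value in the response's `script-src`. `inline_script_tag` and `inline_script_allowed?` are hypothetical names, and the check is a simplified model of browser behaviour.

```ruby
require "securerandom"
require "cgi"

# Fresh value per response; Rails exposes its own via content_security_policy_nonce.
def new_nonce
  SecureRandom.base64(16)
end

# Header that only permits same-origin files and scripts carrying this nonce.
def csp_header(nonce)
  "script-src 'self' 'nonce-#{nonce}'"
end

# Hypothetical stand-in for a view helper that renders an inline loader script.
# nonce: nil renders the tag the way a helper without nonce support would.
def inline_script_tag(js, nonce: nil)
  attr = nonce ? %( nonce="#{CGI.escapeHTML(nonce)}") : ""
  "<script#{attr}>#{js}</script>"
end

# Simplified model of the browser's inline-script decision (hash sources and
# 'strict-dynamic' are not modelled).
def inline_script_allowed?(policy, tag)
  directives = policy.split(";").map(&:split).reject(&:empty?)
                     .to_h { |name, *sources| [name.downcase, sources] }
  sources = directives["script-src"] || directives["default-src"]
  return true if sources.nil? # no directive governs scripts

  nonces = sources.filter_map { |s| s[/\A'nonce-(.+)'\z/, 1] }
  if nonces.any?
    # A nonce in the policy makes browsers ignore 'unsafe-inline'.
    tag_nonce = tag[/\A<script[^>]*\snonce="([^"]*)"/, 1]
    !tag_nonce.nil? && nonces.include?(CGI.unescapeHTML(tag_nonce))
  else
    sources.include?("'unsafe-inline'")
  end
end

if __FILE__ == $PROGRAM_NAME
  nonce = new_nonce
  policy = csp_header(nonce)
  js = "loadEditor()" # constructed sample body
  puts "Content-Security-Policy: #{policy}"
  puts "with nonce:    #{inline_script_allowed?(policy, inline_script_tag(js, nonce: nonce))}"
  puts "without nonce: #{inline_script_allowed?(policy, inline_script_tag(js))}"
end
```

A tag rendered with a nonce from a different response is rejected as well, which is why the value has to be generated per request rather than configured once.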