pmmmwh
commented
5 months ago Seems to be a non-issue if injected properly within the same script + strict-dynamic.
Closed pmmmwh closed 5 months ago
pmmmwh
commented
5 months ago Seems to be a non-issue if injected properly within the same script + strict-dynamic.
When using a nonce-based strict CSP, the speed-insights script will be blocked by the browser.
Is support for a
nonceconfig option something acceptable?Ref: https://nextjs.org/docs/pages/building-your-application/configuring/content-security-policy https://csp.withgoogle.com/docs/strict-csp.html