fix nonce syntax

mastercomfig · Jul 11, 2024 · 13fad06 · 13fad06
1 parent 16cc738
commit 13fad06
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/astro.config.mts b/astro.config.mts
@@ -88,7 +88,7 @@ const astroCSPHashExporter: AstroIntegration = {
         scriptSrcHashes,
       );
       // Not ideal, but protects against non-targeted attacks. We don't really have options for non-dynamic content.
-      const scriptSrcNonce = crypto.randomBytes(16).toString("base64");
+      const scriptSrcNonce = `'nonce-${crypto.randomBytes(16).toString("base64")}'`;
       headersFile = headersFile.replace("{{SCRIPT_SRC_NONCE}}", scriptSrcNonce);
       const styleSrcElementHashes = `'${sriHashes.inlineStyleHashes.join("' '")}'`;
       headersFile = headersFile.replace(