diff --git a/src/middleware.ts b/src/middleware.ts
index 15b4bbfab..489d85a69 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
@@ -524,9 +524,12 @@ function get_page_handler(
styles = (css && css.code ? `` : '');
}
+ // users can set a CSP nonce using res.locals.nonce
+ const nonceAttr = (res.locals && res.locals.nonce) ? ` nonce="${res.locals.nonce}"` : '';
+
const body = template()
.replace('%sapper.base%', () => ``)
- .replace('%sapper.scripts%', () => ``)
+ .replace('%sapper.scripts%', () => `${script}`)
.replace('%sapper.html%', () => html)
.replace('%sapper.head%', () => `${head}`)
.replace('%sapper.styles%', () => styles);