Implementing nonce with styled-jsx for Content Security Policy #15056
Unanswered
KarthikeyanRanasthala
asked this question in
Help
Replies: 1 comment 3 replies
-
@timneutkens Any word here? |
Beta Was this translation helpful? Give feedback.
3 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
The implementation mentioned here in styled-jsx docs uses flushToReact/flushToHTML which used react-dom/server and styled-jsx/server
As next.js has inbuilt support for SSR and styled-jsx, the above mentioned implementation makes no sense. And this example doesn't cover nonce implementation
FYI, I've tried adding nonce to all individual <style jsx> and its getting stripped somehow during the build process.
Having a strong CSP is necessary to mitigate XSS and packet sniffing attacks. So let's discuss on this and figure out a way to do this.
Beta Was this translation helpful? Give feedback.
All reactions