Symfony Nonces and Web Developer Toolbar
Symfony uses nonces in the web development panel, for example:
<div id="sfwdtd61de8" class="sf-toolbar sf-display-none"></div><script
nonce=ca6666b27bc9c402c16192e4b43bbdaa>
etc. and then since the nonces are dynamically generated, I cannot use this type of code in my vhost for content security policy:
Header set Content-Security-Policy script-src 'self' 'nonce-
ca6666b27bc9c402c16192e4b43bbdaa'
So what should I do to whitelist my web developer toolbar code?
I use:
- Symfony 3.3.2
- Apache 2.4.25
- PHP 7.1.2
+3
source to share
No one has answered this question yet
Check out similar questions: