Symfony Nonces and Web Developer Toolbar

Symfony uses nonces in the web development panel, for example:

<div id="sfwdtd61de8" class="sf-toolbar sf-display-none"></div><script nonce=ca6666b27bc9c402c16192e4b43bbdaa>

etc. and then since the nonces are dynamically generated, I cannot use this type of code in my vhost for content security policy:

Header set Content-Security-Policy "script-src 'self' 'nonce-ca6666b27bc9c402c16192e4b43bbdaa'"

So what should I do to whitelist my web developer toolbar code?

I use:

  • Symfony 3.3.2
  • Apache 2.4.25
  • PHP 7.1.2
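The question turns on the nonce changing with every response, which a static vhost header cannot follow. As an added example (not from the original post and not Symfony's own code), the hypothetical subscriber below sets the policy from PHP with a fresh nonce per request; it assumes the profiler amends a Content-Security-Policy header already present on the response to add the toolbar's nonce, and the class name, file path and `csp_nonce` attribute are made up for illustration.

```php
<?php
// src/AppBundle/EventListener/CspHeaderSubscriber.php (hypothetical path and class)
namespace AppBundle\EventListener;

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;

class CspHeaderSubscriber implements EventSubscriberInterface
{
    public static function getSubscribedEvents()
    {
        // Assumption: the toolbar listener runs at a negative priority on
        // kernel.response, so priority 0 puts our header in place first.
        return [
            KernelEvents::REQUEST  => ['onKernelRequest', 0],
            KernelEvents::RESPONSE => ['onKernelResponse', 0],
        ];
    }

    public function onKernelRequest(GetResponseEvent $event)
    {
        if (!$event->isMasterRequest()) {
            return;
        }
        // One unpredictable nonce per request. Templates can read it with
        // app.request.attributes.get('csp_nonce') for the app's own inline scripts.
        $event->getRequest()->attributes->set('csp_nonce', bin2hex(random_bytes(16)));
    }

    public function onKernelResponse(FilterResponseEvent $event)
    {
        if (!$event->isMasterRequest()) {
            return;
        }
        $response = $event->getResponse();
        // Leave a policy set by a controller untouched.
        if ($response->headers->has('Content-Security-Policy')) {
            return;
        }
        $nonce = $event->getRequest()->attributes->get('csp_nonce');
        // Emitted by PHP, not Apache, so the header is visible to later listeners.
        $response->headers->set(
            'Content-Security-Policy',
            sprintf("script-src 'self' 'nonce-%s'", $nonce)
        );
    }
}
```

The `Header set Content-Security-Policy` line has to come out of the vhost for this to take effect, because `Header set` there replaces whatever policy PHP sent.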