Working with strict CSP
-
Dear Livan
Many thanks for creating and maintaining this great plugin!
I’ve been trying to make it work with a strict content security policy, which involves adding a nonce or hash to external and inline css/scripts: https://web.dev/strict-csp/
It could be implemented using a plugin, for example: https://www.ads-software.com/plugins/no-unsafe-inline/
Another possibility is to add a default nonce, and replace it with random ones using a Cloudflare Worker: https://github.com/moveyourdigital/cloudflare-worker-csp-nonce or https://gist.github.com/richie5um/b2999177b27095af13ec619e44742116
I wondered if there’s a way to make either of these options work with Asset CleanUp’s minify/inline functionality?
- The topic ‘Working with strict CSP’ is closed to new replies.
