Nonce for hashes for inlining CSS, for CSP?

Let’s say I want to inline a stylesheet, and keep it secure with a strong CSP, using a nonce. Can I do this with Caddy and its templates? If not, what would be required to make this happen?

I think you can use something like {{ $nonce := randAlphaNum 6 }} in templates to generate a nonce, then you can use .RespHeader.Add to add your header to whatever.

Also worth noting, you can have multiple CSP headers:

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.