You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi!
I am using next-themes for darkmode functionality on my site, which is inserting a script block into the <body>.
This block isn't trustified by next-safe-middleware and causing a CSP error. I was wondering if it is possible to hash it manually and pass the hash to the CSP policy somehow?
I tried creating a script-src directive and adding the hash, but the policy appears to be overwritten when the site is deployed:
Hi!
I am using next-themes for darkmode functionality on my site, which is inserting a script block into the
<body>.This block isn't trustified by
next-safe-middlewareand causing a CSP error. I was wondering if it is possible to hash it manually and pass the hash to the CSP policy somehow?I tried creating a script-src directive and adding the hash, but the policy appears to be overwritten when the site is deployed:
Is there a way to achieve this? (Apologies in advance if I have missed something obvious)
The text was updated successfully, but these errors were encountered: