kjanat/livedash-node
1
0
Fork 0
mirror of https://github.com/kjanat/livedash-node.git synced 2026-01-16 11:12:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: resolve CSP violations and React hydration issues

Browse Source 
- Fix Permissions-Policy header: change ambient-light-sensor to ambient-light
- Add Google Fonts domain to font-src CSP for Leaflet map tiles
- Allow unsafe-inline for style-src to support third-party libraries (Sonner, Leaflet)
- Fix React hydration mismatch by conditionally adding nonce attribute
- Add debug logging for nonce retrieval issues

These changes resolve all CSP violations while maintaining security best practices.
This commit is contained in:
Kaj Kowalski
2025-07-13 22:23:40 +02:00
parent 1e0ee37a39
commit 6d5d0fd7a4
4 changed files with 24 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/layout.tsx
View File

@ -134,7 +134,7 @@ export default async function RootLayout({
<head>
<script
type="application/ld+json"
nonce={nonce}
{...(nonce ? { nonce } : {})}
// biome-ignore lint/security/noDangerouslySetInnerHtml: Safe use for JSON-LD structured data with CSP nonce
dangerouslySetInnerHTML={{ __html: JSON.stringify(jsonLd) }}
/>