From 080436aebb4c4681f85cc8bf5d8563832ff8dbdd Mon Sep 17 00:00:00 2001 From: Literallie Date: Wed, 18 Oct 2017 17:48:53 +0200 Subject: CSP: Add nonce to slide view inline JS --- lib/response.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/response.js b/lib/response.js index a22d1e70..287d53e0 100755 --- a/lib/response.js +++ b/lib/response.js @@ -584,7 +584,8 @@ function showPublishSlide (req, res, next) { lastchangeuserprofile: note.lastchangeuser ? models.User.getProfile(note.lastchangeuser) : null, robots: meta.robots || false, // default allow robots GA: meta.GA, - disqus: meta.disqus + disqus: meta.disqus, + cspNonce: res.locals.nonce } return renderPublishSlide(data, res) }).catch(function (err) { -- cgit v1.2.3