spfaffly β changed the visibility of the branch 3203811-csp-domain to active.
I just noticed the hook_csp_policy_alter function. I was able to append using that hook by adding this function:
function hook_csp_policy_alter(Csp $policy, Response $response) {
// Add nonce value to CSP.
/** @var \Drupal\csp\PolicyHelper $policy_helper */
$policy_helper = \Drupal::service('csp.policy_helper');
$policy_helper->appendNonce($policy, 'script', ['unsafe-inline']);
}
And then anywhere I needed to add the nonce value in my theme I used the Nonce service:
// Generate a nonce for CSP.
/** @var \Drupal\csp\Nonce $nonce_service */
$nonce_service = \Drupal::service('csp.nonce');
$nonce_value = $nonce_service->getValue();
spfaffly β created an issue.
Tested #10 as well on Drupal 10.2.2 and works great. Thanks!
@gisle You're welcome.
I've come across a similar issue and figured this would be the best approach.
This MR basically has a check if the current user has the permission of "access administration pages" and displays that message accordingly.
Any users that don't have this permission won't see this message.
spfaffly β made their first commit to this issueβs fork.
Applied the patch to original branch + latest 9.3.x dev branch.
spfaffly β made their first commit to this issueβs fork.
Created a MR to apply the rector fixes + increment the info files to allow D10 installation.
spfaffly β made their first commit to this issueβs fork.
Trying to reroll the patch against the dist version (since there isn't a dev branch?)
Adding a patch file based on the above changes here since the patch file created in the MR didn't apply for some reason.
Using this issue as a way to reach out to these future niche use cases as previous versions of this module supported it.
You can close out this issue.
I'll take a look at the generator route when time permits - thanks for your insight!
spfaffly β created an issue.
Probably not the best solution but commenting out the offending code for now at least gives us a path forward to an installable state.
Patch file attached.