Zaraz with a CSP nonce

The Zaraz script which is automatically injected into my webpages is blocked by my Content Security Policy: "script-src ‘nonce-’ ‘strict-dynamic’ "

I have included my ‘nonce-’ in the code for my “Custom HTML” tools. But Zaraz is still blocked.

It seems I have to add a nonce to the automatic Zaraz script. But how?


You should be able to disable Auto-injecting Zaraz and then manually inserting the script to your page. You can then add a nonce attribute to your tag.

Thanks, yoav_zaraz.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.