I'm a little confused on how nonces work with respect to CSP.
For any website I can easily inspect the response header to find the Content-Security-Policy header and from there I could see the nonce that is being allowed.
If I'm able to find the nonce and if I'm able to insert an inline script, I could just add the nonce to my inline script and inject malicious code. How is the nonce secure?
In addition could you use a meta tag to deliver CSP with a nonce?