Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Nonce and JSS inline styles
See original GitHub issueExpected Behavior
Page loads.
Current Behavior
Page will not load even when utilizing a nonce.
Steps to Reproduce (for bugs)
It’s very difficult to include an example since generating a nonce is required on the server. The following error is logged in the console:
Refused to apply inline style because it violates the following Content Security Policy directive: “style-src ‘self’ ‘nonce-YjU5MDIwOWItOTE5OC00YjY1LTk0YTAtNzhmNzI5MWY1Yjdi’”. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=’), or a nonce (‘nonce-…’) is required to enable inline execution.
As you can see with the error message, my nonce is correctly displaying in my security policy. I also have the following meta tag, which upon source view, is identical to the security policies nonce.
<meta property="csp-nonce" content="{{ nonce }}">
I have ensured the nonce in the headers and displayed in the meta match.
Context
Attempting to implement XSS protection.
Your Environment
| Tech | Version |
|---|---|
| Material-UI | 1.0.0-beta43 |
| React | 16.2.0 |
| browser | Chrome 65.0.3325.181 |
Issue Analytics
- State:
- Created 5 years ago
- Comments:13 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I sincerely apologize and truly appreciate you taking the time to assist me. I completely forgot that dependency was there. It’s not actually needed for this project and this was a clone of another repo originally.
Thank you!
As far as Vuetify, I’m actually liking material-ui much better. I utilized material-ui about a year ago originally when developing this application for the local government agency I had previously spoken about. The agency was concerned with React back then as it was during the time people starting pulling away from React due to the patent rider so we switched over to Vue.
Since the patent rider issue has been resolved I’ve slowly started converting the entire application to React, however I’ve been working on other projects in the meantime as well.
I would say that Material-UI is definitely my favorite of the two, and as far as I’ve seen has had much less bugs and issues as well as more styling options. It’s a top notch framework and am thankful for your time in developing it.
I was able to get a repo uploaded much quicker than anticipated. https://github.com/pelhamrj/test-repo