New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LocalizedStringProvider: nonce parameter for Content Security Policy #6219
base: main
Are you sure you want to change the base?
LocalizedStringProvider: nonce parameter for Content Security Policy #6219
Conversation
185b9a1
to
b2e1311
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems reasonable, we should see about adding it to our example project for verification.
https://github.com/adobe/react-spectrum/tree/main/examples/next-app
Oh i missed that one, I can work on that based on this reproduction bug repository: https://github.com/Julienng/csp-next-and-react-aria-components-provider |
d726ab8
to
70b6c49
Compare
@snowystinger I've added the example project. It matches with the By testing it, I noticed hydration error with CSP because the browser remove nonce parameter from the DOM before React hydration. To circumvent that problem, I followed the same pattern as new code: <script nonce={typeof window === 'undefined' ? nonce : ''} suppressHydrationWarning dangerouslySetInnerHTML={{__html: getPackageLocalizationScript(locale, strings)}} />; |
70b6c49
to
84fdccb
Compare
84fdccb
to
81099b7
Compare
Linking relevant React issue facebook/react#26028 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh yeah, I had to |
Closes #6218
✅ Pull Request Checklist:
Looked at the Accessibility Practices for this feature - Aria Practicesno concern📝 Test Instructions:
#6218
Reproduction repo and deployed test on vercel to check
🧢 Your Project: