Commit 36d4da7a authored by Gandalf's avatar Gandalf
Browse files

Disable nonce-based CSP in middleware 

Next.js 14 doesn't fully support nonce-based CSP:
- Internal scripts (__NEXT_DATA__, hydration) don't receive nonces automatically
- Inline style attributes (style-src-attr) don't support nonces at all

The static CSP in next.config.js provides protection without causing violations.

See #796 for tracking nonce CSP support in future Next.js versions.
parent 89c9cdb4
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment