-
Notifications
You must be signed in to change notification settings - Fork 285
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Content Security Policy with nonce prevents Application Insights javascript running #2275
Comments
@boat-priyanka-agrawal in my project I have overcome this issue by referencing the
Edit: I just noticed you mentioned that this was for .net471. In that case, there is the |
@jordansjones How are you getting the JavaScriptSnippet.ScriptBody ? What package are you using to get that, or have you defined it in a class of your own? |
@boat-priyanka-agrawal |
That's what we have decided to go ahead with - adding the snippet manually in the head section. Thanks @jordansjones! |
Hi,
We are enabling CSP with nonce attribute on our website, but it is preventing Application insights javascript from running.
To solve that, I am looking into how to get the AI script and add to the header of it the Nonce Code I put in the Content-Security-Policy.
This issue - #1443 is similar to what I am trying, but this is for asp.net core.
Is there a way to get the Javascript snippet (that Application Insights injects on the page) and replace the script tag with nonce for asp.net?
The text was updated successfully, but these errors were encountered: