From 3474743c72979cb14f1f28911e95c18885c32e6a Mon Sep 17 00:00:00 2001
From: Aaron Campbell <51107902+sleepdotexe@users.noreply.github.com>
Date: Tue, 26 Sep 2023 17:01:08 +1000
Subject: [PATCH 1/2] Update middleware.js

Fixes issue where a freshly cloned example will not work in development mode due to `unsafe-eval` being blocked by the CSP.
---
 examples/with-strict-csp/middleware.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/with-strict-csp/middleware.js b/examples/with-strict-csp/middleware.js
index 8cba9a9762311..698757ae80afb 100644
--- a/examples/with-strict-csp/middleware.js
+++ b/examples/with-strict-csp/middleware.js
@@ -4,7 +4,7 @@ export function middleware(request) {
   const nonce = Buffer.from(crypto.randomUUID()).toString('base64')
   const cspHeader = `
     default-src 'self';
-    script-src 'self' 'nonce-${nonce}' 'strict-dynamic';
+    script-src 'self' 'nonce-${nonce}' 'strict-dynamic' https: http: 'unsafe-inline' ${process.env.NODE_ENV === 'production' ? '' : `'unsafe-eval'`};
     style-src 'self' 'nonce-${nonce}';
     img-src 'self' blob: data:;
     font-src 'self';

From a0a382010b604ba3d2f7c6d69e28e832fd13a54c Mon Sep 17 00:00:00 2001
From: samcx <sam@vercel.com>
Date: Mon, 11 Mar 2024 11:12:58 -0700
Subject: [PATCH 2/2] fix(examples): prettier file

---
 examples/with-strict-csp/middleware.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/examples/with-strict-csp/middleware.js b/examples/with-strict-csp/middleware.js
index 5dd94077df027..875321f9febf2 100644
--- a/examples/with-strict-csp/middleware.js
+++ b/examples/with-strict-csp/middleware.js
@@ -4,7 +4,9 @@ export function middleware(request) {
   const nonce = Buffer.from(crypto.randomUUID()).toString("base64");
   const cspHeader = `
     default-src 'self';
-    script-src 'self' 'nonce-${nonce}' 'strict-dynamic' https: http: 'unsafe-inline' ${process.env.NODE_ENV === 'production' ? '' : `'unsafe-eval'`};
+    script-src 'self' 'nonce-${nonce}' 'strict-dynamic' https: http: 'unsafe-inline' ${
+    process.env.NODE_ENV === "production" ? "" : `'unsafe-eval'`
+  };
     style-src 'self' 'nonce-${nonce}';
     img-src 'self' blob: data:;
     font-src 'self';