returns nonce
npm install get-noncejust returns a nonce (number used once). No batteries included in those 46 bytes of this library.
---
- ✅ build in webpack support via __webpack_nonce__
- getNonce(): string|undefined - returns the current nonce
- setNonce(newValue) - set's nonce value
Why we need a library to access __webpack_nonce__? Abstractions!
"I", as a library author, don't want to "predict" the platform "you" going to use.
"I", as well, want an easier way to test and control nonce value.
Like - nonce is supported out of the box only by webpack, what you are going to do?
This is why this "man-in-the-middle" was created.
Yep, think about left-pad :)
> https://webpack.js.org/guides/csp/
To activate the feature set a webpack_nonce variable needs to be included in your entry script.
``
__webpack_nonce__ = uuid(); // for example
Without webpack __webpack_nonce__ is actually just a global variable,nonce
which makes it actually bundler independent,
however "other bundlers" are able to replicate it only setting it as a global variable
(as here in tests) which violates a "secure" nature of .
get-nonce is not global.
- react-style-singleton <- react-remove-scroll <- react-focus-on`
- this issue
- styled-components
MIT