Apply CSP nonce when createElement is called #602
Description
Hi!
Firstly, thanks for your work on this project! 👋
Today I used patch-package to patch @hotwired/turbo@7.1.0 for the project I'm working on.
There is an issue which is documented here https://github.com/hotwired/turbo/pull/501/files but that fix doesn't exist in this file.
Here is the diff that solved my problem:
diff --git a/node_modules/@hotwired/turbo/dist/turbo.es2017-esm.js b/node_modules/@hotwired/turbo/dist/turbo.es2017-esm.js
index 963422f..1b164fe 100644
--- a/node_modules/@hotwired/turbo/dist/turbo.es2017-esm.js
+++ b/node_modules/@hotwired/turbo/dist/turbo.es2017-esm.js
@@ -1215,6 +1215,9 @@ class ProgressBar {
const element = document.createElement("style");
element.type = "text/css";
element.textContent = ProgressBar.defaultCSS;
+
+ element.nonce = document.head.querySelector('meta[name="csp-nonce"]')?.getAttribute('content')
+
return element;
}
createProgressElement() {This issue body was partially generated by patch-package.