Title: Compatibility with caching & JS/CSS optimization plugins Last modified: January 29, 2025 --- # Compatibility with caching & JS/CSS optimization plugins * [cbre](https://wordpress.org/support/users/cbre/) * (@cbre) * [1 year, 4 months ago](https://wordpress.org/support/topic/compatibility-with-caching-js-css-optimization-plugins/) * Hi, * I’m wondering if some caching & JS/CSS optimization plugins are known to work when “No unsafe-inline” plugin is enabled? * I am using WP Fastest Cache and it cause issues with “No unsafe-inline” as the nonce values added in the HTML code may not match the ones in the CSP rules in the HTTP header. * Also, is there a way for “No unsafe-inline” plugin to detect external scripts as the same when a random URL parameter is just added to URLs by some plugins like Yoast SEO. * Regards. Viewing 3 replies - 1 through 3 (of 3 total) * Plugin Author [Giuseppe](https://wordpress.org/support/users/mociofiletto/) * (@mociofiletto) * [1 year, 4 months ago](https://wordpress.org/support/topic/compatibility-with-caching-js-css-optimization-plugins/#post-18276386) * you cannot use nonces with cached pages (and using hashes could be a problem due to limits in the HTTP Response header size set in your server). * the plugin recognizes random parameters in urls but the match could be ineffective for strange params name. * You can see the code here: * [https://github.com/MocioF/No-unsafe-inline/blob/main/src%2FNunil_Capture.php#L883-L911](https://github.com/MocioF/No-unsafe-inline/blob/main/src%2FNunil_Capture.php#L883-L911) * Thread Starter [cbre](https://wordpress.org/support/users/cbre/) * (@cbre) * [1 year, 4 months ago](https://wordpress.org/support/topic/compatibility-with-caching-js-css-optimization-plugins/#post-18281631) * Thanks. It would be great to allow users to add more random parameters from the UI. I have tried to use hashes for inline scripts (all cache / optimisation plugins disabled) and I cannot see any hash added to the inline HTML content while the hashed values are correctly listed in the CSP HTTP headers. It’s weird since I don’t have this issue when using the nonce option. I’ve tried it on multiple sites hosted on the same IIS 10 server + PHP 8.3 with no luck. * Plugin Author [Giuseppe](https://wordpress.org/support/users/mociofiletto/) * (@mociofiletto) * [1 year, 4 months ago](https://wordpress.org/support/topic/compatibility-with-caching-js-css-optimization-plugins/#post-18282864) * I will think about adding a filter to add more random parameters named. * You don’t see any hash in the HTML of your pages, because this is unnecessary for csp. * however, if you want/need you can use SRI (subresource integrity). * Here you could find a better explanation: * [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src) * [https://content-security-policy.com/hash/](https://content-security-policy.com/hash/) Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Compatibility with caching & JS/CSS optimization plugins’ is closed to new replies. * ![](https://ps.w.org/no-unsafe-inline/assets/icon-256x256.png?rev=2699768) * [No unsafe-inline](https://wordpress.org/plugins/no-unsafe-inline/) * [Frequently Asked Questions](https://wordpress.org/plugins/no-unsafe-inline/#faq) * [Support Threads](https://wordpress.org/support/plugin/no-unsafe-inline/) * [Active Topics](https://wordpress.org/support/plugin/no-unsafe-inline/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/no-unsafe-inline/unresolved/) * [Reviews](https://wordpress.org/support/plugin/no-unsafe-inline/reviews/) * 3 replies * 2 participants * Last reply from: [Giuseppe](https://wordpress.org/support/users/mociofiletto/) * Last activity: [1 year, 4 months ago](https://wordpress.org/support/topic/compatibility-with-caching-js-css-optimization-plugins/#post-18282864) * Status: not resolved