Title: Support for script nonces?
Last modified: June 1, 2018

---

# Support for script nonces?

 *  Resolved [Ragnar Karlsson](https://wordpress.org/support/users/ragnarkarlsson/)
 * (@ragnarkarlsson)
 * [8 years ago](https://wordpress.org/support/topic/support-for-script-nonces/)
 * Hi
 * Is there any intention to enable the ability to insert nonce values in CSP so
   that it doesn’t clash with items eg: [https://core.trac.wordpress.org/ticket/39941](https://core.trac.wordpress.org/ticket/39941)?
 * I’d like to be able to define in my CSP via Ninjafirewall nonce for script-src
   which would allow me to disable unsafe-inline
 * R

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [8 years ago](https://wordpress.org/support/topic/support-for-script-nonces/#post-10350300)
 * Hi,
 * That’s interesting and should not be difficult to implement. If there was a hook,
   we could use it.
 *  Thread Starter [Ragnar Karlsson](https://wordpress.org/support/users/ragnarkarlsson/)
 * (@ragnarkarlsson)
 * [8 years ago](https://wordpress.org/support/topic/support-for-script-nonces/#post-10350329)
 * I’d love to see Ninjafirewall have a more interactive CSP generator, rather than
   pasting it in. For example [https://report-uri.com/home/generate](https://report-uri.com/home/generate)
   is a great resource, would be nice if I could just tick a box for enabling nonce
   on script-src, style-src etc.
 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [8 years ago](https://wordpress.org/support/topic/support-for-script-nonces/#post-10353604)
 * I would prefer to have it online and put a link to it, like we do for example
   with the NinjaScanner anti-virus rules generator. CSP is tricky, and because 
   some users could lock themselves out of the dashboard (CSP can be used to block
   HTML forms), I don’t want to make it too easy.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Support for script nonces?’ is closed to new replies.

 * ![](https://ps.w.org/ninjafirewall/assets/icon-256x256.png?rev=976137)
 * [NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall](https://wordpress.org/plugins/ninjafirewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/ninjafirewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/ninjafirewall/)
 * [Active Topics](https://wordpress.org/support/plugin/ninjafirewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ninjafirewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ninjafirewall/reviews/)

## Tags

 * [CSP](https://wordpress.org/support/topic-tag/csp/)
 * [nonce](https://wordpress.org/support/topic-tag/nonce/)

 * 3 replies
 * 2 participants
 * Last reply from: [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * Last activity: [8 years ago](https://wordpress.org/support/topic/support-for-script-nonces/#post-10353604)
 * Status: resolved