Kush Patel
Reputation: 1
Add nonce tag to Html.Kendo().DatePicker() script
I am working to remove 'unsafe-inline' and 'unsafe-eval' from our CSP. For this I am getting an error that we cannot run the inline script for the datepicker. In the page we have code like this:
<div class="col-xs-1 text-right padding-top-1">
From:
</div>
<div class="col-xs-6">
@(Html.Kendo().DatePicker()
.Name("fromDate")
.Events(e => e.Change("startChange"))
.Format("MM/dd/yyyy")
)
</div>`
and it generates this in the page:
<div class="col-xs-1 text-right padding-top-1">
From:
</div>
<div class="col-xs-6">
<input id="fromDate" name="fromDate" type="date" />
<script>
jQuery(function(){jQuery("#fromDate").kendoDatePicker({"change":startChange,"format":"MM/dd/yyyy","min":new Date(1900,0,1,0,0,0,0),"max":new Date(2099,11,31,0,0,0,0)});});
</script>
</div>
does anyone know how I can get this to generate with the script tag like this:
<script nonce='Random-1'>
//some code for date picker
</script>
I am completely stuck on how to approach this, we want to avoid a method to include all the hashes in the CSP
Upvotes: 0
Views: 48
Answers (0)
Related Questions
- How can I add a key/value pair to a JavaScript object?
- Script Tag - async & defer
- Where should I put <script> tags in HTML markup?
- Sending command line arguments to npm script
- How can I add new array elements at the beginning of an array in JavaScript?
- How to add a class to a given element?
- When is a CDATA section necessary within a script tag?
- Why don't self-closing script elements work?
- How to add days to Date?