laravel-recaptcha icon indicating copy to clipboard operation
laravel-recaptcha copied to clipboard

Published 20 hours ago verified publisher icon biscolab

CSP nonce

Open heddn opened this issue 2 years ago • 1 comments

Could the inline script be added with a nonce? Maybe optional integration with spatie/laravel-csp or some means for me to insert a nonce to the inline script. The markup is pretty hard-coded. If the view were moved out of inline blade markup into an actual blade.view, then I'd have some more flexibility.

heddn avatar Apr 21 '22 12:04 heddn

Please take a look at https://github.com/biscolab/laravel-recaptcha/pull/95.

You could either "monkey-patch" your copy at vendor/biscolab/laravel-recaptcha/src/ReCaptchaBuilderV3.php meanwhile a permanent solution is implemented by the package's maintainer(s), or just create your class inside your app's namespace MyCustomReCaptchaBuilderV3 extends ReCaptchaBuilder adapting the ReCaptchaBuilderV3 with the nonce code for the htmlScriptTagJsApi() method.

The latter option is more convoluted because of the plumbing this package uses instantiating variables and JS resources.

moijafcor avatar Feb 12 '24 07:02 moijafcor