bvaughn
Add support for CSP nonce
Can you please consider adding support for a nonce attribute to the style element that this library injects in the DOM. The custom cursor logic currently doesn't work when CSP is configured to expect a specific nonce.
References: https://developer.mozilla.org/en-US/docs/Web/HTML/Global_attributes/nonce https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
Want to post a PR that adds a nonce prop and passes it through to the style in an effect?
Can you please consider adding support for a
nonceattribute to thestyleelement that this library injects in the DOM. The custom cursor logic currently doesn't work when CSP is configured to expect a specific nonce.
Re-visiting this issue today and wanted to ask for clarification. This library does not inject a "style element" into the DOM. (No HTMLStyleElements are used.) It uses inline styles only.
I didn't investigate much but I thought that the issue is caused by the setGlobalCursorStyle function.
Ah, I believe you're right. It's been a while since I wrote that code and I had overlooked it because I was thinking about the panels/views themselves.
The simplest fix for my specific case would be the addition of the following just before the linked setGlobalCursorStyle line but it will be a very bundler-specific solution:
styleElement.setAttribute("nonce", __webpack_nonce__);
I guess we either need a new PanelGroup prop or some other workaround.
I can't add anything like that to this project :) Would need to think of a way for people to configure (opt in to) this functionality.
I didn't intend to close this issue when leaving my previous comment. (Sorry!)
Check out #386. Would this suffice for your use-case?
To use it, you'd need to do something like this:
import { setNonce } from "react-resizable-panels";
setNonce("whatever");