Are you sure you want to go to an external site to donate a monetary value?
WARNING: Some countries laws may supersede the payment processors policy such as the GDPR and PayPal. While it is highly appreciated to donate, please check with your countries privacy and identity laws regarding privacy of information first. Use at your utmost discretion.
I'm attempting to add
integrityattribute to a style I use for userscript Newspaper (ATOM/RDF/RSS)Test page: https://mastodon.tedomum.net/@tedomum.rss
The error is this:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' https://mastodon.tedomum.net 'nonce-FF4fvS9IB+e83sIyujPoyw=='". Either the 'unsafe-inline' keyword, a hash ('sha256-JjOHpf1r2ZHN4jxJdiFIgopy2yA5l3DibXaFr1c70F4='), or a nonce ('nonce-...') is required to enable inline execution.I used the output of these commands: (also used
sha256)cat FILENAME.js | openssl dgst -sha384 -binary | openssl base64 -Ashasum -b -a 384 FILENAME.js | awk '{ print $1 }' | xxd -r -p | base64 ``` This is the part where integrity is applied: ```js if (isRTL) { stylesheet .textContent = stylesheet_ltr + stylesheet_rtl; stylesheet .setAttribute( 'integrity', 'I NEED HELP IN GETTING STRING CHECKSUM' ); } else { stylesheet .textContent = stylesheet_ltr; stylesheet .setAttribute( 'integrity', 'I NEED HELP IN GETTING STRING CHECKSUM' ); }Please delete first post and this post
I'm attempting to add
integrityattribute to a style I use for userscript Newspaper (ATOM/RDF/RSS)Test page: https://mastodon.tedomum.net/@tedomum.rss
The error is this:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' https://mastodon.tedomum.net 'nonce-FF4fvS9IB+e83sIyujPoyw=='". Either the 'unsafe-inline' keyword, a hash ('sha256-JjOHpf1r2ZHN4jxJdiFIgopy2yA5l3DibXaFr1c70F4='), or a nonce ('nonce-...') is required to enable inline execution.I used the output of these commands: (also used
sha256)cat FILENAME.js | openssl dgst -sha384 -binary | openssl base64 -Ashasum -b -a 384 FILENAME.js | awk '{ print $1 }' | xxd -r -p | base64This is the part where integrity is applied:
if (isRTL) { stylesheet .textContent = stylesheet_ltr + stylesheet_rtl; stylesheet .setAttribute( 'integrity', 'I NEED HELP IN GETTING STRING CHECKSUM' ); } else { stylesheet .textContent = stylesheet_ltr; stylesheet .setAttribute( 'integrity', 'I NEED HELP IN GETTING STRING CHECKSUM' ); }Solved by:
function setNonceUponCSP() { window.addEventListener("securitypolicyviolation", (e) => { //let message = e.originalPolicy; //messageTruncated = message.substring(message.indexOf("'nonce-") + 7); //let nonceValue = messageTruncated.substring(0, messageTruncated.indexOf("'")); let nonceValue = e.originalPolicy.match(/'nonce-(.*?)'/)[1]; cssStylesheet = document.getElementById(namespace); cssStylesheet.setAttribute('nonce', nonceValue); }, { passive : true, }); }I didn't find a way to make it to work on first error.