Skip to content

Commit 5b7c11b

Browse files
haihv433haihv433
committed
Added Nonce
1 parent 25d73ac commit 5b7c11b

File tree

2 files changed

+19
-3
lines changed

2 files changed

+19
-3
lines changed

Model/ScriptsManager.php

Lines changed: 18 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -366,9 +366,25 @@ public function printRequireConfig()
366366
}
367367
$jsonVariable = json_encode($config);
368368

369-
printf('<script%s>!function(e){var t="require",r=()=>!(!e[t]||!e[t].config),l=n=>"function"==typeof n[0]?n[0]():e[t].apply(null,n);const i=[];if(!r()){let e=0,t=setInterval(()=>{if(r())for(clearInterval(t);i.length;){var n=i.shift();l(n)}1000<e&&clearInterval(t),++e},100)}e.gmtRequire=function(){var n=arguments;!r()||0<i.length?i.push(n):l(n)}}(window);</script>', $this->typeAttr);
369+
$this->secureRenderScript(sprintf('!function(e){var t="require",r=()=>!(!e[t]||!e[t].config),l=n=>"function"==typeof n[0]?n[0]():e[t].apply(null,n);const i=[];if(!r()){let e=0,t=setInterval(()=>{if(r())for(clearInterval(t);i.length;){var n=i.shift();l(n)}1000<e&&clearInterval(t),++e},100)}e.gmtRequire=function(){var n=arguments;!r()||0<i.length?i.push(n):l(n)}}(window);', $jsonVariable));
370370

371-
printf('<script%s>gmtRequire(() => {require.config(%s)})</script>', $this->typeAttr, $jsonVariable);
371+
$this->secureRenderScript(sprintf('gmtRequire(() => {require.config(%s)})', $jsonVariable));
372372
}
373373
}
374+
375+
/**
376+
* @param string $content
377+
* @return void
378+
*/
379+
private function secureRenderScript(string $content)
380+
{
381+
$nonce = '';
382+
if (class_exists('Magento\Csp\Helper\CspNonceProvider')) {
383+
/** @var \Magento\Csp\Helper\CspNonceProvider $nonceProvider */
384+
$nonceProvider = \Goomento\Core\Helper\ObjectManagerHelper::get('Magento\Csp\Helper\CspNonceProvider');
385+
$nonce = sprintf(' nonce="%s"', $nonceProvider->generateNonce());
386+
}
387+
388+
printf('<script%s>%s</script>', $this->typeAttr . $nonce, $content);
389+
}
374390
}

composer.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
"name": "goomento/module-core",
33
"description": "Magento 2 Goomento Core Module For Goomento Page Builder Extension",
44
"type": "magento2-module",
5-
"version": "1.0.12",
5+
"version": "1.0.13",
66
"license": [
77
"OSL-3.0"
88
],

0 commit comments

Comments
 (0)