/// <summary>
/// Generates a CSP nonce HTML attribute. The 120-bit random nonce will be included in the CSP script-src directive.
/// </summary>
/// <param name="helper"></param>
public static IHtmlString CspScriptNonce(this HtmlHelper helper)
{
var context = helper.ViewContext.HttpContext;
var cspConfigurationOverrideHelper = new CspConfigurationOverrideHelper();
var headerOverrideHelper = new HeaderOverrideHelper();
var nonce = cspConfigurationOverrideHelper.GetCspScriptNonce(context);
if (context.Items["NWebsecScriptNonceSet"] == null)
{
context.Items["NWebsecScriptNonceSet"] = "set";
headerOverrideHelper.SetCspHeaders(context, false);
headerOverrideHelper.SetCspHeaders(context, true);
}
return CreateNonceAttribute(helper, nonce);
}
