Content-Security-Policy: Usage of "'strict-dynamic'" #372
Description
Enhancement
Package Version: >=2.0.0
Currently it's not possible to configure strict-dynamic CSP header in the application, since there is no possibility to use nonce attribute in the index.html file. Only possible solution is to manually change, after build is done, index.html file (script src for runtime.js and main.js) and to add desired value.
Currently is only supported to configure nonce attribute for dynamically loaded scripts in the app by adding following part of the code at the top of main.ts file:
// @ts-ignore
__webpack_nonce__ = 'c29tZSBjb29sIHN0cmluZyB3aWxsIHBvcCB1cCAxMjM=';