security::csp::nonce (public)

 security::csp::nonce [ -tokenname tokenname ]

Defined in packages/acs-tcl/tcl/security-procs.tcl

Generate a nonce token and return it. The nonce token can be used in content security policies (CSP2) for "script" and "style" elements. Desired Properties: generate a single unique value per request which is hard for a hacker to predict, it should only contain base64 characters (so hex is fine). For details, see https://www.w3.org/TR/CSP/

Switches:
-tokenname (optional, defaults to "__csp_nonce")
Returns:
nonce token
Author:
Gustaf Neumann

Partial Call Graph (max 5 caller/called nodes):
%3 Class ::xo::MessageRelay Class ::xo::MessageRelay (public) security::csp::nonce security::csp::nonce Class ::xo::MessageRelay->security::csp::nonce Class ::xowiki::BootstrapNavbarDropzone Class ::xowiki::BootstrapNavbarDropzone (public) Class ::xowiki::BootstrapNavbarDropzone->security::csp::nonce Class ::xowiki::includelet::book Class ::xowiki::includelet::book (public) Class ::xowiki::includelet::book->security::csp::nonce Class ::xowiki::includelet::flowplayer Class ::xowiki::includelet::flowplayer (public) Class ::xowiki::includelet::flowplayer->security::csp::nonce Class ::xowiki::includelet::timeline Class ::xowiki::includelet::timeline (public) Class ::xowiki::includelet::timeline->security::csp::nonce ad_conn ad_conn (public) security::csp::nonce->ad_conn

Testcases:
No testcase defined.
[ show source ]
Show another procedure: