Last active
December 10, 2025 09:06
-
-
Save Nurlan199206/5861fdb96626b87b6d92ad0e91190fcd to your computer and use it in GitHub Desktop.
nginx csp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| read reactjs index.html | |
| docker run -it -v /home/nurlan/p2p:/tmp node:20.18.1 bash | |
| npm ci | |
| npm run build | |
| 1. cat index.html | |
| 2. find <script>...</script> section | |
| 3. create hash | |
| echo -n "function handlePush(n){window.HandlePush(n)}" | openssl dgst -sha256 -binary | openssl base64 -A | |
| put hash in server section | |
| 4. server { | |
| listen 8080; | |
| server_name localhost; | |
| add_header Content-Security-Policy "script-src 'self' 'sha256-Jc40enpk....'"; | |
| #access_log /var/log/nginx/host.access.log main; | |
| location / { | |
| root /usr/share/nginx/html; | |
| index index.html index.htm; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment