opensource
/
dify
mirror of https://github.com/langgenius/dify.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

refactor: update Content Security Policy to include 'strict-dynamic' and improve nonce handling in Google Analytics component

This commit is contained in:
CodingOnStar 2025-10-17 19:12:01 +08:00
parent 3d7c7acba6
commit ed6fd6f3d9
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
web/app/components/base/ga/index.tsx
View File

@ -24,7 +24,8 @@ const GA: FC<IGAProps> = ({
if (IS_CE_EDITION)
return null
const nonce = process.env.NODE_ENV === 'production' ? (headers() as unknown as UnsafeUnwrappedHeaders).get('x-nonce') ?? '' : ''
const nonceValue = process.env.NODE_ENV === 'production' ? (headers() as unknown as UnsafeUnwrappedHeaders).get('x-nonce') : null
const nonce = nonceValue || undefined
return (
<>
@ -40,20 +41,20 @@ const GA: FC<IGAProps> = ({
window.gtag('config', '${gaIdMaps[gaType]}');
`,
}}
nonce={nonce ?? undefined}
nonce={nonce}
/>
{/* Load GA script */}
<Script
strategy="afterInteractive"
src={`https://www.googletagmanager.com/gtag/js?id=${gaIdMaps[gaType]}`}
nonce={nonce ?? undefined}
nonce={nonce}
/>
{/* Cookie banner */}
<Script
id="cookieyes"
strategy="lazyOnload"
src='https://cdn-cookieyes.com/client_data/2a645945fcae53f8e025a2b1/script.js'
nonce={nonce ?? undefined}
nonce={nonce}
/>
</>
)