From ed6fd6f3d91cf3442bcc4e2e729322b96da7b3d9 Mon Sep 17 00:00:00 2001
From: CodingOnStar <hanxujiang@dify.ai>
Date: Fri, 17 Oct 2025 19:12:01 +0800
Subject: [PATCH] refactor: update Content Security Policy to include
 'strict-dynamic' and improve nonce handling in Google Analytics component

---
 web/app/components/base/ga/index.tsx | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/web/app/components/base/ga/index.tsx b/web/app/components/base/ga/index.tsx
index 33f8ffb010..759a91d18e 100644
--- a/web/app/components/base/ga/index.tsx
+++ b/web/app/components/base/ga/index.tsx
@@ -24,7 +24,8 @@ const GA: FC<IGAProps> = ({
   if (IS_CE_EDITION)
     return null
 
-  const nonce = process.env.NODE_ENV === 'production' ? (headers() as unknown as UnsafeUnwrappedHeaders).get('x-nonce') ?? '' : ''
+  const nonceValue = process.env.NODE_ENV === 'production' ? (headers() as unknown as UnsafeUnwrappedHeaders).get('x-nonce') : null
+  const nonce = nonceValue || undefined
 
   return (
     <>
@@ -40,20 +41,20 @@ const GA: FC<IGAProps> = ({
             window.gtag('config', '${gaIdMaps[gaType]}');
           `,
         }}
-        nonce={nonce ?? undefined}
+        nonce={nonce}
       />
       {/* Load GA script */}
       <Script
         strategy="afterInteractive"
         src={`https://www.googletagmanager.com/gtag/js?id=${gaIdMaps[gaType]}`}
-        nonce={nonce ?? undefined}
+        nonce={nonce}
       />
       {/* Cookie banner */}
       <Script
         id="cookieyes"
         strategy="lazyOnload"
         src='https://cdn-cookieyes.com/client_data/2a645945fcae53f8e025a2b1/script.js'
-        nonce={nonce ?? undefined}
+        nonce={nonce}
       />
     </>
   )