Methods
Instance Public methods
- csp_meta_tag(**options)

Action View CSP Helpers

Methods

csp_meta_tag

Instance Public methods

csp_meta_tag(**options)

Returns a meta tag “csp-nonce” with the per-session nonce value for allowing inline <script> tags.

<head>
  <%= csp_meta_tag %>
</head>

This is used by the Rails UJS helper to create dynamically loaded inline <script> elements.

📝 Source code

# File actionview/lib/action_view/helpers/csp_helper.rb, line 17
      def csp_meta_tag(**options)
        if content_security_policy?
          options[:name] = "csp-nonce"
          options[:content] = content_security_policy_nonce
          tag("meta", options)
        end
      end

🔎 See on GitHub