martin-g commented on a change in pull request #374: WICKET-6682 add CSP nonce
support: initial commit
URL: https://github.com/apache/wicket/pull/374#discussion_r303217903
##########
File path:
wicket-core/src/main/java/org/apache/wicket/core/util/string/JavaScriptUtils.java
##########
@@ -152,7 +153,9 @@ public static void writeJavaScriptUrl(final Response
response, final CharSequenc
public static void writeJavaScriptUrl(final Response response, final
CharSequence url,
final String id, boolean defer, String charset, boolean async)
{
- response.write("<script type=\"text/javascript\" ");
+ response.write("<script ");
+ getNonceAttribute().ifPresent(response::write);
+ response.write("type=\"text/javascript\" ");
Review comment:
There is no need to split line 155 into 156 and 158. The `nonce` attribute
could be appended after the `type` attribute. This will save us one call to
`Response#write()`
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
