Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: csp nonce injection when no closing tag (#16281)
Not all html elements have an ending tag, for example: <link rel="stylesheet" href="/roboto.css" /> In such cases, the current injection func injects the nonce after the forward slash, instead of before it current result: <link rel="stylesheet" href="/roboto.css" / nonce="abc123"> this patch corrects the behavior to: <link rel="stylesheet" href="/roboto.css" nonce="abc123"/>
- Loading branch information