Fixed #17048 - [CSP] providePrimeNG csp nonce does not solve all csp …

…issues when "theme" property is defined
primefaces · Dec 17, 2024 · cb8449b · cb8449b
1 parent 07bf7ab
commit cb8449b
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 3 deletions.
diff --git a/packages/primeng/src/config/primeng.ts b/packages/primeng/src/config/primeng.ts
@@ -201,7 +201,8 @@ export class PrimeNG extends ThemeProvider {
 
         if (theme)
             this.setThemeConfig({
-                theme
+                theme,
+                csp
             } as ThemeConfigType);
     }
 }
diff --git a/packages/primeng/src/config/themeprovider.ts b/packages/primeng/src/config/themeprovider.ts
@@ -7,13 +7,18 @@ export type ThemeType = { preset?: any; options?: any } | 'none' | boolean | und
 
 export type ThemeConfigType = {
     theme?: ThemeType;
+    csp?: {
+        nonce: string | undefined;
+    };
 };
 
 @Injectable({ providedIn: 'root' })
 export class ThemeProvider {
     // @todo define type for theme
     theme = signal<any>(undefined);
 
+    csp = signal<{ nonce: string | undefined }>({ nonce: undefined });
+
     isThemeChanged: boolean = false;
 
     public document: Document = inject(DOCUMENT);
@@ -59,7 +64,7 @@ export class ThemeProvider {
         // common
         if (!Theme.isStyleNameLoaded('common')) {
             const { primitive, semantic, global, style } = this.baseStyle.getCommonTheme?.() || {};
-            const styleOptions = { nonce: undefined };
+            const styleOptions = { nonce: this.csp?.()?.nonce };
 
             this.baseStyle.load(primitive?.css, { name: 'primitive-variables', ...styleOptions });
             this.baseStyle.load(semantic?.css, { name: 'semantic-variables', ...styleOptions });
@@ -71,7 +76,8 @@ export class ThemeProvider {
     }
 
     setThemeConfig(config: ThemeConfigType): void {
-        const { theme } = config || {};
+        const { theme, csp } = config || {};
         if (theme) this.theme.set(theme);
+        if (csp) this.csp.set(csp);
     }
 }
diff --git a/packages/primeng/src/table/table.ts b/packages/primeng/src/table/table.ts
@@ -3170,6 +3170,7 @@ export class Table extends BaseComponent implements OnInit, AfterViewInit, After
     }
     `;
                 this.renderer.setProperty(this.responsiveStyleElement, 'innerHTML', innerHTML);
+                DomHandler.setAttribute(this.responsiveStyleElement, 'nonce', this.config?.csp()?.nonce);
             }
         }
     }
-Original file line number
+Diff line change
@@ Expand Up @@
         }
         `;
                     this.renderer.setProperty(this.responsiveStyleElement, 'innerHTML', innerHTML);
+                    DomHandler.setAttribute(this.responsiveStyleElement, 'nonce', this.config?.csp()?.nonce);
                 }
             }
         }
@@ Expand Down @@