From cb8449b236f8065ce84c81c0a5fc80836efe83bb Mon Sep 17 00:00:00 2001
From: Mert Sincan <sincan.mert@gmail.com>
Date: Tue, 17 Dec 2024 00:31:51 +0000
Subject: [PATCH] Fixed #17048 - [CSP] providePrimeNG csp nonce does not solve
 all csp issues when "theme" property is defined

---
 packages/primeng/src/config/primeng.ts       |  3 ++-
 packages/primeng/src/config/themeprovider.ts | 10 ++++++++--
 packages/primeng/src/table/table.ts          |  1 +
 3 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/packages/primeng/src/config/primeng.ts b/packages/primeng/src/config/primeng.ts
index b1fe389e6a5..bf2bcf4ef31 100644
--- a/packages/primeng/src/config/primeng.ts
+++ b/packages/primeng/src/config/primeng.ts
@@ -201,7 +201,8 @@ export class PrimeNG extends ThemeProvider {
 
         if (theme)
             this.setThemeConfig({
-                theme
+                theme,
+                csp
             } as ThemeConfigType);
     }
 }
diff --git a/packages/primeng/src/config/themeprovider.ts b/packages/primeng/src/config/themeprovider.ts
index af18e7b70eb..1f473e13a85 100644
--- a/packages/primeng/src/config/themeprovider.ts
+++ b/packages/primeng/src/config/themeprovider.ts
@@ -7,6 +7,9 @@ export type ThemeType = { preset?: any; options?: any } | 'none' | boolean | und
 
 export type ThemeConfigType = {
     theme?: ThemeType;
+    csp?: {
+        nonce: string | undefined;
+    };
 };
 
 @Injectable({ providedIn: 'root' })
@@ -14,6 +17,8 @@ export class ThemeProvider {
     // @todo define type for theme
     theme = signal<any>(undefined);
 
+    csp = signal<{ nonce: string | undefined }>({ nonce: undefined });
+
     isThemeChanged: boolean = false;
 
     public document: Document = inject(DOCUMENT);
@@ -59,7 +64,7 @@ export class ThemeProvider {
         // common
         if (!Theme.isStyleNameLoaded('common')) {
             const { primitive, semantic, global, style } = this.baseStyle.getCommonTheme?.() || {};
-            const styleOptions = { nonce: undefined };
+            const styleOptions = { nonce: this.csp?.()?.nonce };
 
             this.baseStyle.load(primitive?.css, { name: 'primitive-variables', ...styleOptions });
             this.baseStyle.load(semantic?.css, { name: 'semantic-variables', ...styleOptions });
@@ -71,7 +76,8 @@ export class ThemeProvider {
     }
 
     setThemeConfig(config: ThemeConfigType): void {
-        const { theme } = config || {};
+        const { theme, csp } = config || {};
         if (theme) this.theme.set(theme);
+        if (csp) this.csp.set(csp);
     }
 }
diff --git a/packages/primeng/src/table/table.ts b/packages/primeng/src/table/table.ts
index f8052c65d29..b79fb433803 100644
--- a/packages/primeng/src/table/table.ts
+++ b/packages/primeng/src/table/table.ts
@@ -3170,6 +3170,7 @@ export class Table extends BaseComponent implements OnInit, AfterViewInit, After
     }
     `;
                 this.renderer.setProperty(this.responsiveStyleElement, 'innerHTML', innerHTML);
+                DomHandler.setAttribute(this.responsiveStyleElement, 'nonce', this.config?.csp()?.nonce);
             }
         }
     }