Return-Path: <users-return-116324-archive-asf-public=cust-asf.ponee.io@httpd.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 75DEB200D04
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Mon, 11 Sep 2017 10:59:51 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 745521609C4; Mon, 11 Sep 2017 08:59:51 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id E12F81609C3
	for <archive-asf-public@cust-asf.ponee.io>; Mon, 11 Sep 2017 10:59:50 +0200 (CEST)
Received: (qmail 83487 invoked by uid 500); 11 Sep 2017 08:59:49 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 83470 invoked by uid 99); 11 Sep 2017 08:59:48 -0000
Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Sep 2017 08:59:48 +0000
Received: from [192.168.8.101] (87-49-146-160-mobile.dk.customer.tdc.net [87.49.146.160])
	by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id C8DE91A0019
	for <users@httpd.apache.org>; Mon, 11 Sep 2017 08:59:46 +0000 (UTC)
To: users@httpd.apache.org
References: <4a513065-4a8c-99c3-754c-f2c8e7a28339@gmail.com>
 <3fe3858d-7070-c49b-259d-d9eed52c5ef6@apache.org>
 <3f9021f2-0908-db16-ae88-ffcca271f9f4@gmail.com>
 <af5af378-c8f0-6486-54e5-572c34716d16@apache.org>
 <e8872030-465c-ae04-87e3-43667b7d6090@gmail.com>
 <3144da0d-40ed-6197-b020-a7c791e1e04a@apache.org>
 <03d1f078-da10-07c5-df30-79d3f8ac49e8@gmail.com>
From: Daniel Gruno <humbedooh@apache.org>
Message-ID: <e3fec7d8-dafb-30ac-bf31-ac806d029e0a@apache.org>
Date: Mon, 11 Sep 2017 10:59:42 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <03d1f078-da10-07c5-df30-79d3f8ac49e8@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Subject: Re: [users@httpd] CSP nonces in apache
archived-at: Mon, 11 Sep 2017 08:59:51 -0000

On 09/11/2017 10:48 AM, Luis Speciale wrote:
> Le 07/09/2017 à 20:57, Daniel Gruno a écrit :
> 
>>
>> might be that you need to uppercase it to NUMBNONCE.
> 
> After a week trying I'm beginning to think that it can't be done the way
> I thought. Is there a way (another, of course) to achieve this?

It SHOULD work.
I tested the following:

SubstituteInheritBefore on
SetOutputFilter SUBSTITUTE # Forcing substitute on everything
Define NUMBNONCE "1234"
Substitute "s/<(script|style)((?!\s*src=)?.*)>/<$1  nonce-${NUMBNONCE}$2>/i"

My HTML then showed "<script nonce-1234 ...>"

> 
> Luis
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org