dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Initial support for Content Security Policy, disabled by default
[lhc/web/wiklou.git] / includes / EditPage.php
diff --git a/includes/EditPage.php b/includes/EditPage.php
index 4f6b7b4..6d39e3a 100644 (file)
--- a/includes/EditPage.php
+++ b/includes/EditPage.php
@@ -4111,12 +4111,15 @@ ERROR;
 
                $script .= '});';
 
+               $nonce = $wgOut->getCSPNonce();
+               $wgOut->addScript( ResourceLoader::makeInlineScript( $script, $nonce ) );
+
                $toolbar = '<div id="toolbar"></div>';
 
                if ( Hooks::run( 'EditPageBeforeEditToolbar', [ &$toolbar ] ) ) {
                        // Only add the old toolbar cruft to the page payload if the toolbar has not
                        // been over-written by a hook caller
-                       $wgOut->addScript( ResourceLoader::makeInlineScript( $script ) );
+                       $wgOut->addScript( ResourceLoader::makeInlineScript( $script, $nonce ) );
                };
 
                return $toolbar;
Wiklou, le Wiki du Wiklou