44
55namespace CustomGento \Cookiebot \Model ;
66
7+ use Magento \Csp \Helper \CspNonceProvider ;
8+
79class ScriptGenerator
810{
911 private const COOKIEBOT_SCRIPT_FORMAT = '<script
@@ -12,35 +14,34 @@ class ScriptGenerator
1214 src="https://consent.cookiebot.com/uc.js"
1315 data-cbid="%s"
1416 %s
17+ %s
1518 type="text/javascript" async></script> '
1619 private const EU_COOKIEBOT_SCRIPT_FORMAT = '<script
1720 id="Cookiebot"
1821 data-cfasync="false"
1922 src="https://consent.cookiebot.eu/uc.js"
2023 data-cbid="%s"
2124 %s
25+ %s
2226 type="text/javascript" async></script> '
2327
24- /**
25- * @var Config
26- */
27- private $ config
28-
29- public function __construct (Config $ config
30- {
31- $ this config = $ config
28+ public function __construct (
29+ private readonly Config $ config
30+ private readonly CspNonceProvider $ cspNonceProvider
31+ ) {
3232 }
3333
3434 public function generate (): string
3535 {
3636 $ cookiebotId$ this config ->getId ();
3737 $ dataCulture$ this config ->getDataCulture () ?
3838 sprintf ('data-culture="%s" ' , $ this config ->getDataCulture ()) : '' ;
39+ $ noncesprintf ('nonce="%s" ' , $ this cspNonceProvider ->generateNonce ());
3940
4041 if ($ this config ->useEuCdn ()) {
41- return sprintf (self ::EU_COOKIEBOT_SCRIPT_FORMAT , $ cookiebotId$ dataCulture
42+ return sprintf (self ::EU_COOKIEBOT_SCRIPT_FORMAT , $ cookiebotId$ dataCulture, $ nonce
4243 }
4344
44- return sprintf (self ::COOKIEBOT_SCRIPT_FORMAT , $ cookiebotId$ dataCulture
45+ return sprintf (self ::COOKIEBOT_SCRIPT_FORMAT , $ cookiebotId$ dataCulture, $ nonce
4546 }
4647}
0 commit comments