Skip to content

Commit 5a0fc4d

Browse files
justin808claude
justin808
and
claude
committed
Add CHANGELOG entry for CSP nonce support
Document the new CSP nonce support feature in CHANGELOG.md following project conventions. Entry includes implementation details and PR reference. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
1 parent 8e8d3bd commit 5a0fc4d

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

CHANGELOG.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,10 @@ After a release, please make sure to run `bundle exec rake update_changelog`. Th
2323

2424
Changes since the last non-beta release.
2525

26+
#### Added
27+
28+
- **CSP Nonce Support for Console Replay**: Added Content Security Policy (CSP) nonce support for the `consoleReplay` script generated during server-side rendering. When Rails CSP is configured, the console replay script will automatically include the nonce attribute, allowing it to execute under restrictive CSP policies like `script-src: 'self'`. The implementation includes cross-version Rails compatibility (5.2-7.x) and defense-in-depth nonce sanitization to prevent attribute injection attacks. [PR 2059](https://github.com/shakacode/react_on_rails/pull/2059) by [justin808](https://github.com/justin808).
29+
2630
### [v16.2.0.beta.10] - 2025-11-18
2731

2832
#### Added

0 commit comments

Comments
 (0)