- Add apps/web-next/middleware.ts calling withSecurityHeaders() from
  core-shared/security/next; exports matcher config excluding static assets
- Update layout.tsx to call getNonce() and render <meta name="csp-nonce">
  so client-side JS can read the per-request nonce
- Update instrumentation-client.ts to read nonce from csp-nonce meta tag
  and pass it to initSentryClient for feedbackIntegration CSP compliance
- Add nonce option to initSentryClient (InitClientOpts.nonce) and thread
  styleNonce + scriptNonce into feedbackIntegration when provided
- Add middleware test asserting all six headers, prod/dev CSP shape, and
  x-nonce presence; add feedbackIntegration nonce tests to core-shared

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>