styled-jsx CSP Nonce Skill
Enable styled-jsx under strict Content-Security-Policy rules.
What to do
- •Identify the framework (Next.js pages router, app router, custom SSR).
- •Confirm where the nonce is generated (server) and how it reaches HTML.
- •Ensure:
- •CSP header includes style-src with the same nonce
- •styled-jsx style tags receive the nonce attribute
Output expectations
- •Provide the minimal code changes needed in the appropriate files.
- •Include notes on where the nonce originates and how it propagates.
- •Avoid insecure CSP suggestions (do not recommend unsafe-inline).