Skip to content

fix: force dynamic rendering for CSP nonces#113

Merged
WhiteMuush merged 1 commit into
mainfrom
fix/csp-static-pages
Jul 11, 2026
Merged

fix: force dynamic rendering for CSP nonces#113
WhiteMuush merged 1 commit into
mainfrom
fix/csp-static-pages

Conversation

@WhiteMuush

Copy link
Copy Markdown
Owner

The e2e smoke test (PR #112) caught this in CI: statically prerendered pages (only /login in practice) cannot carry the per-request CSP nonce, so their parser-inserted script tags are blocked under strict-dynamic and login never navigates. Dev rendering is always on demand, which is why local checks passed. Fix: export const dynamic = force-dynamic in the root layout; every other route was already dynamic (auth + DB). Verified against a local production build: /login builds as dynamic and the smoke spec passes in 1.2s.

@WhiteMuush WhiteMuush merged commit 727e8bf into main Jul 11, 2026
11 checks passed
@WhiteMuush WhiteMuush deleted the fix/csp-static-pages branch July 11, 2026 11:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant