CSP middleware does not work properly

reproduction repo: https://github.com/predaytor/fresh-project-csp-middleware-bug

```tsx
import { csp } from "fresh";

// nonce missing but header set
// app.use(csp({ useNonce: true }));

app.get('/', (ctx) => {
    return ctx.render(
        <html>
            <head>
                <style>{'body { color: red; }'}</style>
            </head>
            <body>
                <h1>Hello</h1>
            </body>
        </html>,
    );
});

// works, but `content-security-header` is not set
app.use(csp({ useNonce: true }));
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CSP middleware does not work properly #3844

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

CSP middleware does not work properly #3844

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions