Fix component guide inline JS CSP hash

Everything inside the script tags, including both leading and trailing spaces, is important for the hash.
alphagov · Mar 1, 2019 · e6aa661 · e6aa661
1 parent a35b180
commit e6aa661
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/config/initializers/csp.rb b/config/initializers/csp.rb
@@ -60,8 +60,8 @@ def self.build
       # https://github.com/alphagov/govuk_template/blob/79340eb91ad8c4279d16da302765d0946d89b1ca/source/views/layouts/govuk_template.html.erb#L40
       "'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='",
 
-      # The same as above but with leading whitespace as used by the component guide
-      "'sha256-+/sukrsYfvM/tHbNll4hTsl0mtvAQUFXZWdCg49lerI='",
+      # The same as above but with leading and trailing whitespace as used by the component guide
+      "'sha256-IWjjekDxqqURWMjVH447fuaAvoZKwpDwLS0ZdcJ+Ey4='",
 
       # ALlow the script that removes `js-enabled` from body if there's an error
       # https://github.com/alphagov/govuk_template/blob/79340eb91ad8c4279d16da302765d0946d89b1ca/source/views/layouts/govuk_template.html.erb#L112-L113