From e6aa6611aadf25d086f9f0c1da723651c552c0be Mon Sep 17 00:00:00 2001
From: Ruben Arakelyan <ruben.arakelyan@digital.cabinet-office.gov.uk>
Date: Fri, 1 Mar 2019 15:28:32 +0000
Subject: [PATCH] Fix component guide inline JS CSP hash

Everything inside the script tags, including both leading and trailing spaces, is important for the hash.
---
 config/initializers/csp.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config/initializers/csp.rb b/config/initializers/csp.rb
index 93b6d4629..6fb96f72d 100644
--- a/config/initializers/csp.rb
+++ b/config/initializers/csp.rb
@@ -60,8 +60,8 @@ def self.build
       # https://github.com/alphagov/govuk_template/blob/79340eb91ad8c4279d16da302765d0946d89b1ca/source/views/layouts/govuk_template.html.erb#L40
       "'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='",
 
-      # The same as above but with leading whitespace as used by the component guide
-      "'sha256-+/sukrsYfvM/tHbNll4hTsl0mtvAQUFXZWdCg49lerI='",
+      # The same as above but with leading and trailing whitespace as used by the component guide
+      "'sha256-IWjjekDxqqURWMjVH447fuaAvoZKwpDwLS0ZdcJ+Ey4='",
 
       # ALlow the script that removes `js-enabled` from body if there's an error
       # https://github.com/alphagov/govuk_template/blob/79340eb91ad8c4279d16da302765d0946d89b1ca/source/views/layouts/govuk_template.html.erb#L112-L113