How does the `nonce` attribute enhance security in the `<style>` element?

The nonce attribute allows inline styles to be securely applied by using a unique, unpredictable value.

The nonce attribute is used in conjunction with a Content Security Policy (CSP) to allow inline styles while preventing unauthorized scripts. The server generates a unique nonce value for each request, which must match the nonce in the policy. This ensures that only styles with the correct nonce are executed, enhancing security by preventing cross-site scripting (XSS) attacks.

<style nonce="random123">
  p { color: red; }
</style>

More cards⁶

Show all

What is the purpose of the `media` attribute in the `<style>` element?

What is the function of the `blocking` attribute in the `<style>` element?

In the following code, what background color will the paragraph have?

<style>
  p { background-color: blue; }
</style>
<style>
  p { background-color: yellow; }
</style>
<p>This is my paragraph.</p>

How does the nonce attribute enhance security in the <style> element?

More cards6

What is the purpose of the media attribute in the <style> element?

What is the function of the blocking attribute in the <style> element?

In the following code, what background color will the paragraph have?

What happens when multiple <style> elements are included in a document?

How does the `nonce` attribute enhance security in the `<style>` element?

More cards⁶

What is the purpose of the `media` attribute in the `<style>` element?

What is the function of the `blocking` attribute in the `<style>` element?

What happens when multiple `<style>` elements are included in a document?