Recently stopped working - related to Netlify extensions release?

[ryangittings]

Hi,

I have the following config in netlify.toml:

[[plugins]]
  package = "@netlify/plugin-csp-nonce"

  [plugins.inputs]
    reportOnly = false
    excludedPath = [
      "/geo"
    ]

No matter what I do, the deployed version uses content-security-policy-report-only, and therefore breaks the CSP and my existing CSP in headers is Content-Security-Policy, therefore all the new nonce'd inline don't work... This suddenly stopped working recently which is odd...

[ehsaan-changa]

Hey,

For me nothing is working . Even this "x-debug-csp-nonce", "invoked" header is not getting set.
I have below config in netlify.toml:

[[plugins]] package = "@netlify/plugin-csp-nonce" [plugins.inputs] reportOnly = false excludedPath = [ "/api/*", ]

I think the package is not working anymore. Is it so ??.

[ryangittings]

FYI the fix for me was to remove the integration via the UI.

[ehsaan-changa]

@ryangittings , Sorry can't get you. Can you please explain ??

[ryangittings]

Go to Home -> Extensions then remove the CSP plugin (that's what worked for me).

[ehsaan-changa]

What home ?? . Actually i don't have any extensions installed. I just did it via npm package.

There are two ways of doing it . One is via netlify configuration and 2nd is via npm plugin.
I choose 2nd one and it's not working.