build_policy
Builds a Content Security Policy (CSP) string from a configuration dictionary, optionally injecting a nonce value into directives containing the nonce sentinel.
def build_policy(
    config: dict,
    nonce: string
) -> string
Constructs a Content Security Policy (CSP) string from a configuration dictionary and an optional nonce.
Parameters
| Name | Type | Description |
|---|---|---|
| config | dict | A dictionary mapping CSP directives to their values, which can be booleans, strings, or collections of strings. |
| nonce | string | A unique cryptographic token used to authorize specific inline scripts or styles; replaces the CSP.NONCE sentinel if present. |
Returns
| Type | Description |
|---|---|
| string | A semicolon-delimited string of CSP directives and their associated values, formatted for use in an HTTP header. |
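
The sketch below is an added example, not the library's own code: a stand-in serializer that shows how the three value types and the nonce sentinel described above could turn into a header value. The names `sketch_build_policy`, `new_nonce`, `NONCE` and `SAMPLE` are hypothetical, and the handling of `True`, `False` and a sentinel without a nonce is an assumption.

```python
import secrets
from typing import Optional

NONCE = object()  # hypothetical stand-in for the CSP.NONCE sentinel named above


def new_nonce() -> str:
    """Fresh, unpredictable nonce (128 random bits, URL-safe base64)."""
    return secrets.token_urlsafe(16)


def sketch_build_policy(config: dict, nonce: Optional[str] = None) -> str:
    """Illustrative serializer; the rule for each value type is an assumption."""
    parts = []
    for directive, value in config.items():
        if value is False or value is None:
            continue                      # assumed: a false value omits the directive
        if value is True:
            parts.append(directive)       # assumed: True emits a valueless directive
            continue
        # A lone string or lone sentinel is treated as a one-item collection.
        single = isinstance(value, str) or value is NONCE
        sources = [value] if single else list(value)
        rendered = []
        for src in sources:
            if src is NONCE:
                if nonce:                 # assumed: sentinel is dropped without a nonce
                    rendered.append(f"'nonce-{nonce}'")
            else:
                rendered.append(src)
        if rendered:
            parts.append(f"{directive} {' '.join(rendered)}")
    return "; ".join(parts)


# Constructed sample configuration covering each value type.
SAMPLE = {
    "default-src": ["'self'"],
    "script-src": ["'self'", NONCE],
    "img-src": "https://cdn.example.com",
    "upgrade-insecure-requests": True,
    "block-all-mixed-content": False,
}

if __name__ == "__main__":
    print(sketch_build_policy(SAMPLE, nonce=new_nonce()))
```

Generate the nonce once per response and use that same value both in the header and in the `nonce` attribute of the inline tags it is meant to authorize.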