nonce_attr
Retrieves a security nonce from the context and returns it as a formatted HTML attribute string or applies it to a media object's rendering attributes.
def nonce_attr(
context: dict,
media: object
) - > string
Generates a nonce attribute string or renders media with a nonce for Content Security Policy (CSP) compliance.
Parameters
| Name | Type | Description |
|---|---|---|
| context | dict | The template context dictionary containing the CSP nonce value under the CONTEXT_KEY. |
| media | object | An optional Django-style Media object to be rendered with the nonce attribute applied to its tags. |
Returns
| Type | Description |
|---|---|
string | An HTML-safe string containing the nonce attribute (e.g., 'nonce="value"'), the rendered media with the nonce applied, or an empty string if no nonce is present. |