Generates a cryptographically random nonce string for Content Security
Policy headers. Used to allow specific inline scripts in webviews while
maintaining security.
Uses crypto.randomBytes so the nonce is unpredictable to an attacker.
Math.random is NOT safe for security-sensitive values.
Returns string
A 32-character random string suitable for CSP nonce attribute.
Generates a cryptographically random nonce string for Content Security Policy headers. Used to allow specific inline scripts in webviews while maintaining security.
Uses
crypto.randomBytesso the nonce is unpredictable to an attacker.Math.randomis NOT safe for security-sensitive values.