AddToAny With A CSP

Use a nonce (required)

1. Generate a nonce per request, for example:
   MTM5MTcyMzIyNSwyOTMzNzMzNTQ=
2. Include the nonce in your CSP:
   Content-Security-Policy: script-src 'nonce-MTM5MTcyMzIyNSwyOTMzNzMzNTQ='
3. Add the nonce attribute to your AddToAny <script> tag like so:
   <script defer nonce="MTM5MTcyMzIyNSwyOTMzNzMzNTQ=" src="https://static.addtoany.com/menu/page.js"></script>

Use a nonce + 'strict-dynamic' (optional strict CSP)

1. Generate a nonce per request, for example:
   MTM5MTcyMzIyNSwyOTMzNzMzNTQ=
2. Include the nonce in your strict CSP:
   Content-Security-Policy: script-src 'nonce-MTM5MTcyMzIyNSwyOTMzNzMzNTQ=' 'strict-dynamic'
3. Add the nonce attribute to your AddToAny <script> tag like so:
   <script defer nonce="MTM5MTcyMzIyNSwyOTMzNzMzNTQ=" src="https://static.addtoany.com/menu/page.js"></script>

Use a nonce + 'strict-dynamic' + Trusted Types (optional strictest CSP)

1. Generate a nonce per request, for example:
   MTM5MTcyMzIyNSwyOTMzNzMzNTQ=
2. Include the nonce in your strict CSP requiring Trusted Types:
   Content-Security-Policy: script-src 'nonce-MTM5MTcyMzIyNSwyOTMzNzMzNTQ=' 'strict-dynamic' require-trusted-types-for 'script'
3. Add the addtoany policy name if you are using the trusted-types directive:
   Content-Security-Policy: script-src 'nonce-MTM5MTcyMzIyNSwyOTMzNzMzNTQ=' 'strict-dynamic' require-trusted-types-for 'script'; trusted-types addtoany
4. Add the nonce attribute to your AddToAny <script> tag like so:
   <script defer nonce="MTM5MTcyMzIyNSwyOTMzNzMzNTQ=" src="https://static.addtoany.com/menu/page.js"></script>