AddToAny With A CSP

Use a nonce (required)

1. Generate a nonce per request, for example:
   MzExMTMwNzgwMSwyNDY2MzU5MzQx
2. Include the nonce in your CSP:
   Content-Security-Policy: script-src 'nonce-MzExMTMwNzgwMSwyNDY2MzU5MzQx'
3. Add the nonce attribute to your AddToAny <script> tag like so:
   <script defer nonce="MzExMTMwNzgwMSwyNDY2MzU5MzQx" src="https://static.addtoany.com/menu/page.js"></script>

Use a nonce + 'strict-dynamic' (optional strict CSP)

1. Generate a nonce per request, for example:
   MzExMTMwNzgwMSwyNDY2MzU5MzQx
2. Include the nonce in your strict CSP:
   Content-Security-Policy: script-src 'nonce-MzExMTMwNzgwMSwyNDY2MzU5MzQx' 'strict-dynamic'
3. Add the nonce attribute to your AddToAny <script> tag like so:
   <script defer nonce="MzExMTMwNzgwMSwyNDY2MzU5MzQx" src="https://static.addtoany.com/menu/page.js"></script>

Use a nonce + 'strict-dynamic' + Trusted Types (optional strictest CSP)

1. Generate a nonce per request, for example:
   MzExMTMwNzgwMSwyNDY2MzU5MzQx
2. Include the nonce in your strict CSP requiring Trusted Types:
   Content-Security-Policy: script-src 'nonce-MzExMTMwNzgwMSwyNDY2MzU5MzQx' 'strict-dynamic' require-trusted-types-for 'script'
3. Add the addtoany policy name if you are using the trusted-types directive:
   Content-Security-Policy: script-src 'nonce-MzExMTMwNzgwMSwyNDY2MzU5MzQx' 'strict-dynamic' require-trusted-types-for 'script'; trusted-types addtoany
4. Add the nonce attribute to your AddToAny <script> tag like so:
   <script defer nonce="MzExMTMwNzgwMSwyNDY2MzU5MzQx" src="https://static.addtoany.com/menu/page.js"></script>