AddToAny With A CSP

Use a nonce (required)

1. Generate a nonce per request, for example:
   ODc4MjY4NzU3LDczNTE0NDgyOA==
2. Include the nonce in your CSP:
   Content-Security-Policy: script-src 'nonce-ODc4MjY4NzU3LDczNTE0NDgyOA=='
3. Add the nonce attribute to your AddToAny <script> tag like so:
   <script defer nonce="ODc4MjY4NzU3LDczNTE0NDgyOA==" src="https://static.addtoany.com/menu/page.js"></script>

Use a nonce + 'strict-dynamic' (optional strict CSP)

1. Generate a nonce per request, for example:
   ODc4MjY4NzU3LDczNTE0NDgyOA==
2. Include the nonce in your strict CSP:
   Content-Security-Policy: script-src 'nonce-ODc4MjY4NzU3LDczNTE0NDgyOA==' 'strict-dynamic'
3. Add the nonce attribute to your AddToAny <script> tag like so:
   <script defer nonce="ODc4MjY4NzU3LDczNTE0NDgyOA==" src="https://static.addtoany.com/menu/page.js"></script>

Use a nonce + 'strict-dynamic' + Trusted Types (optional strictest CSP)

1. Generate a nonce per request, for example:
   ODc4MjY4NzU3LDczNTE0NDgyOA==
2. Include the nonce in your strict CSP requiring Trusted Types:
   Content-Security-Policy: script-src 'nonce-ODc4MjY4NzU3LDczNTE0NDgyOA==' 'strict-dynamic' require-trusted-types-for 'script'
3. Add the addtoany policy name if you are using the trusted-types directive:
   Content-Security-Policy: script-src 'nonce-ODc4MjY4NzU3LDczNTE0NDgyOA==' 'strict-dynamic' require-trusted-types-for 'script'; trusted-types addtoany
4. Add the nonce attribute to your AddToAny <script> tag like so:
   <script defer nonce="ODc4MjY4NzU3LDczNTE0NDgyOA==" src="https://static.addtoany.com/menu/page.js"></script>