Vulnerability in EPiServer.Forms
Is it possible to create a strict content security policy using a nonce directive on inline script elements added from Optimizely Forms?
If I understand correctly you are just wanting to add:
To the inline scripts in forms?
There are 2 ways I can think of to do this.
Option 1 - Modify the forms views, you will need to find the views in the forms.zip in the modules folder, extract these and then you can edit as you please.
Option 2 - If I am right the scripts will be added as part of the FormContainer, you could create your own and then modify as you wish.
Other info that will help also https://docs.developers.optimizely.com/content-management-system/docs/content-security-policy
Thanks Paul - I believe that is part of the solution, however there are other scripts injected on the page. I think I have just found a solution:
There is an alternative though would not suggest, you can disable the us of JS in Forms, though you then have limited functionality.