From 6630273fab5ec3bfb9877a1a2381c050f5bb5a65 Mon Sep 17 00:00:00 2001
From: damienbod <damien_bod@hotmail.com>
Date: Fri, 2 Feb 2024 20:40:17 +0100
Subject: [PATCH] update blazor app

---
 BlazorAuth0Bff/Server/SecurityHeadersDefinitions.cs | 9 ++++++---
 MyApi/MyApi.csproj                                  | 2 +-
 README.md                                           | 1 +
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/BlazorAuth0Bff/Server/SecurityHeadersDefinitions.cs b/BlazorAuth0Bff/Server/SecurityHeadersDefinitions.cs
index 11c31af..45392e5 100644
--- a/BlazorAuth0Bff/Server/SecurityHeadersDefinitions.cs
+++ b/BlazorAuth0Bff/Server/SecurityHeadersDefinitions.cs
@@ -26,9 +26,12 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev, strin
 
                 // due to Blazor
                 builder.AddScriptSrc()
-                    // .Self() Add this if you want to use the visual studio debugging tools
-                    .WithNonce()
-                    .UnsafeEval();
+                  .WithHash256("sha256-wTSw2ZoYOVpX8Sl5cEiYcCF8ddvCbjJhiX+oYQqD1s4=")
+                  .WithNonce()
+                  .UnsafeEval() // due to Blazor WASM
+                  .StrictDynamic()
+                  .UnsafeInline(); // only a fallback for older browsers when the nonce is used 
+
             })
             .RemoveServerHeader()
             .AddPermissionsPolicy(builder =>
diff --git a/MyApi/MyApi.csproj b/MyApi/MyApi.csproj
index 9dc8a6e..839f166 100644
--- a/MyApi/MyApi.csproj
+++ b/MyApi/MyApi.csproj
@@ -13,7 +13,7 @@
 	  <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="3.0.1" />
 	  <PackageReference Include="Swashbuckle.AspNetCore" Version="6.5.0" />
 	  <PackageReference Include="Serilog" Version="3.1.1" />
-	  <PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
+	  <PackageReference Include="Serilog.AspNetCore" Version="8.0.1" />
 	  <PackageReference Include="Serilog.Extensions.Logging" Version="8.0.0" />
 	  <PackageReference Include="Serilog.Settings.Configuration" Version="8.0.0" />
 	  <PackageReference Include="Serilog.Sinks.Console" Version="5.0.1" />
diff --git a/README.md b/README.md
index 1483b81..6c9e161 100644
--- a/README.md
+++ b/README.md
@@ -10,6 +10,7 @@
 
 ## History
 
+- 2024-02-02 Updated packages, fix refresh bug
 - 2024-01-14 Updated packages, improve security headers in blazor app
 - 2023-11-25 Updated .NET 8
 - 2023-11-03 Updated packages, fixed security headers