after updating to Camunda 7.18 (using spring boot) I read the documentation about the content security policy. It says:
$NONCE is a placeholder that is replaced by a random generated secure string. This nonce can be then used to enable inline scripts in the
index.html pages using another placeholder called
If you have custom inline scripts defined, make sure to add the aforementioned
nonce attribute to the script tag, otherwise they will be ignored by the browser."
Using this configuration inside index.html for tasklist web app, the following HTML wrong code is generated:
After changing the index.html like this it worked:
Is the documentation wrong or did I configure something wrong?