AddToAny With A Strict CSP

Use a nonce

  1. Generate a nonce per request, for example:
    Mzg1NDQ3MjcwMSwxMDgxNDIyMzMw
  2. Include the nonce in your strict CSP:
    3. Content-Security-Policy: script-src 'nonce-Mzg1NDQ3MjcwMSwxMDgxNDIyMzMw'
  3. Add the nonce attribute to your AddToAny <script> tag like so:
    <script async nonce="Mzg1NDQ3MjcwMSwxMDgxNDIyMzMw" src="https://static.addtoany.com/menu/page.js"></script>