diff --git a/frontend/next.config.js b/frontend/next.config.js
index b1afa286..089429d4 100644
--- a/frontend/next.config.js
+++ b/frontend/next.config.js
@@ -96,7 +96,7 @@ const nextConfig = {
},
{
key: 'Content-Security-Policy',
- value: "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https:; frame-ancestors 'none'; base-uri 'self'; form-action 'self'",
+ value: "default-src 'self'; script-src 'self' 'strict-dynamic'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https:; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests",
},
],
},
diff --git a/frontend/src/app/layout.tsx b/frontend/src/app/layout.tsx
index dc55418e..5df1b37b 100644
--- a/frontend/src/app/layout.tsx
+++ b/frontend/src/app/layout.tsx
@@ -1,15 +1,18 @@
import type { ReactNode } from 'react';
+import { headers } from 'next/headers';
import { ErrorBoundary } from '../components/ErrorBoundary';
import { darkModeInitScript } from '../lib/darkMode';
import '../styles/accessibility.css';
export const metadata = { title: 'PredictIQ' };
-export default function RootLayout({ children }: { children: ReactNode }) {
+export default async function RootLayout({ children }: { children: ReactNode }) {
+ const nonce = (await headers()).get('x-nonce') ?? '';
+
return (
-
+
diff --git a/frontend/src/components/LandingPage.tsx b/frontend/src/components/LandingPage.tsx
index 2507276d..ffb46c12 100644
--- a/frontend/src/components/LandingPage.tsx
+++ b/frontend/src/components/LandingPage.tsx
@@ -1,6 +1,7 @@
import React from 'react';
import { useI18n } from '../lib/hooks/useI18n';
import { useDarkMode } from '../lib/hooks/useDarkMode';
+import { type Locale } from '../lib/i18n';
import { Statistics } from './Statistics';
import { ErrorBoundary } from './ErrorBoundary';
@@ -92,7 +93,7 @@ export const LandingPage: React.FC = ({ className }) => {