apply_filters( 'wp_inline_script_attributes', array $attributes, string $javascript )

Filters attributes to be added to a script tag.


Parameters

$attributes array
Key-value pairs representing <script> tag attributes.
Only the attribute name is added to the <script> tag for entries with a boolean value, and that are true.
$javascript string
Inline JavaScript code.

Top ↑

Source

File: wp-includes/script-loader.php. View all references

$attributes = apply_filters( 'wp_inline_script_attributes', $attributes, $javascript );


Top ↑

Changelog

Changelog
Version Description
5.7.0 Introduced.

Top ↑

User Contributed Notes

  1. Skip to note 1 content
    Contributed by Beda

    This has to be used to make WP a CSP compliant system (at least, in the front end. Remains to be tested in the admin area)

    function wpdocs_add_nonce_to_scripts( $attr ) {
    	if ( 'text/javascript' !== $attr['type'] ) {
    		return $attr;
    	}
    
    	return array(
    		'type' => 'text/javascript',
    		'nonce' => '123',// Your Nonce. Obviously more featured than this example.
    	);
    }
    add_filter( 'wp_inline_script_attributes', 'wpdocs_add_nonce_to_scripts' );

    Then, you can use 'nonce-123' in your CSP Policy, example:
    "script-src 'self' 'noncoe-123';"

You must log in before being able to contribute a note or feedback.