In CSP we were using script-src 'self' 'unsafe-inline'
but for security purpose need to remove 'unsafe-inline' , we added 'nonce-a9f04fd1-06cf-4948-9d66-ea306e581896' for inline script.
applied nonce for inline script
<script type="text/javascript" nonce="a9f04fd1-06cf-4948-9d66-ea306e581896">
</script>
but after applying these change kendo controls not working. Our assumption is there are dynamic inline scripts generated for kendo controls which not contains nonce. so it may cause an issue.
we also tried DeferredScripts but no success. after applying 'unsafe-inline' it works.
<script type="text/javascript" nonce="a9f04fd1-06cf-4948-9d66-ea306e581896">
@Html.Kendo().DeferredScripts()
</script>
Please suggest as we want to remove 'unsafe-inline' with kendo controls need to work.