From 022fdbd3987690579833bb5ed74001a1f2bb4cee Mon Sep 17 00:00:00 2001
From: Pietro Albini
Date: Thu, 8 Apr 2021 13:23:57 +0200
Subject: [PATCH] add another comment about random nonces
---
 src/web/csp.rs | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/web/csp.rs b/src/web/csp.rs
index 92821669c..620ff8bd5 100644
--- a/src/web/csp.rs
+++ b/src/web/csp.rs
@@ -8,8 +8,11 @@ pub(super) struct Csp {
 impl Csp {
 fn new() -> Self {
+ // Nonces need to be different for each single request in order to maintain security, so we
+ // generate a new one with a cryptographically-secure generator for each request.
 let mut random = [0u8; 36];
 getrandom::getrandom(&mut random).expect("failed to generate a nonce");
+
 Self {
 nonce: base64::encode(&random),
 suppress: false,
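Review bot: The added comment in `Csp::new` states a per-request guarantee that the visible code cannot enforce on its own: freshness depends on the caller building a new `Csp` for every request and never caching or sharing one across responses. I would make that contract explicit, for example `// Callers must construct a fresh Csp per request; a reused nonce no longer protects the policy.` It would also help to note beside the `expect` that panicking on generator failure looks like the intended fail-closed behaviour, e.g. `// Panic rather than fall back to a weaker randomness source.`, so a later change does not quietly add a fallback. The body of `new` continues past the end of this hunk, so the call site and the rest of the constructor are not visible here.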