take GirdView as sample.
source code is like below.
<form id="form1" runat="server">
<div>
<asp:ScriptManager runat="server"></asp:ScriptManager>
<asp:UpdatePanel runat="server">
<ContentTemplate>
<asp:GridView ID="GridView1" runat="server" OnRowDataBound="GridView1_RowDataBound">
<Columns>
<asp:TemplateField>
<ItemTemplate>
<%# Eval("name") %>
</ItemTemplate>
</asp:TemplateField>
<asp:TemplateField>
<ItemTemplate>
<asp:ImageButton runat="server" ID="itemDelete" staffname='<%# Eval("name") %>' OnClientClick='<%# Eval("name", "Close(\"Delete the record {0}?\");")%>'></asp:ImageButton>
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView>
</ContentTemplate>
</asp:UpdatePanel>
</div>
</form>
after page Load, some of <script src="/WebResource.axd?d=..."/> or <script src="/ScriptResource.axd?..."/> will auto generated with out nonce tag. how to add nonce tag in these "script" tags?
<form method="post" action="./girdview.aspx" id="form1">
<div class="aspNetHidden">
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="..." />
</div>
<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['form1'];
if (!theForm) {
theForm = document.form1;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>
<script src="/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZC5FY2_xsh64gZzzQn23ap9tDlFT-VMWVFcqZhZ-jZmMkw_e813C4wpyL_ctR1RWXw2&t=638092287399240701" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQqPhd2mIWpvMM35vraVdd3WP-pLnoORM22dE6XZUeaZz7k_ifIATtNlrK0Y6ozu60GLFUkcLgRi3Vza7DDY2uHfBgbgyYGdpvcw7eBEhnnOdVgJWMzvdufE0KMrDXLDHi9Qg_s8GsZ43zH1iAPvIH2g1&t=d41bf5a" type="text/javascript"></script>
<script type="text/javascript">
//<![CDATA[
if (typeof(Sys) === 'undefined') throw new Error('ASP.NET Ajax client-side framework failed to load.');
//]]>
</script>
<script src="/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1taHLEXdmSDmWB-Qg1qxod1zo1-xs6ELeLuleiOH2KYv_JAub_8YIO57rPziorAGWYrjh9VnMBaWuK6JXmPkXZjD5ChcuXEf92cSUcx4oWR8YQgSOFIKzAI0RHwGMx4bqZha7QnFWJDz0jD_XwoeXaIDujm1aGPbjy1-9ZQNRfxYX0&t=d41bf5a" type="text/javascript"></script>
<div>
<script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl02', 'form1', ['tctl03','ctl03'], [], [], 90, '');
//]]>
</script>
<div id="ctl03">
<div>
<table cellspacing="0" rules="all" border="1" id="GridView1" style="border-collapse:collapse;">
<tr>
<th scope="col"> </th><th scope="col"> </th><th scope="col">id</th><th scope="col">name</th>
</tr><tr>
<td>
name1
</td><td>
<input type="image" name="GridView1$ctl02$itemDelete" id="GridView1_itemDelete_0" staffname="name1" onclick="Close("Delete the record name1?");" />
</td><td>1</td><td>name1</td>
</tr><tr>
<td>
name2
</td><td>
<input type="image" name="GridView1$ctl03$itemDelete" id="GridView1_itemDelete_1" staffname="name2" onclick="Close("Delete the record name2?");" />
</td><td>2</td><td>name2</td>
</tr>
</table>
</div>
</div>
</div>
<div class="aspNetHidden">
<input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C583E297" />
</div></form>