Skip to content

[Demand] Enable Content Security Policy #5770

New issue
New issue
Open
Open
[Demand] Enable Content Security Policy#5770
Assignees
Jack-Works
Labels
Demand: DraftDiscussion: Security
@Jack-Works

Description

@Jack-Works
Jack-Works
opened on Mar 3, 2022

https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP

Roadmap

  • Setup a CSP report server
  • Have a CSP list and generate appropriate CSP policy string
  • Enable report-only CSP in development mode
  • Add good URLs to the allow list
  • Enable report-only CSP in production mode
  • Enable strict CSP in development mode
  • Enable strict CSP in production mode

Metadata

Metadata

Assignees

Labels

Demand: DraftDiscussion: Security

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions