@SabreCat commented Dec 5, 2025

Fixes #15412, enabling the feature of helmet to manage the app's CSP headers, with a few relevant overrides set over the defaults.

Updates helmet to latest available version, 8.1.0.

commit cc6a35e
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 17:27:50 2025 -0600

    fix(CSP): more Amazon domains

commit 985b86c
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 17:18:08 2025 -0600

    fix(csp): more loggly allowance

commit 166bd31
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 17:12:00 2025 -0600

    fix(csp): data, inline, some refactoring

commit 1a0a6c1
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 17:05:44 2025 -0600

    fix(CSP): override default script-src

commit 023d988
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 16:56:24 2025 -0600

    fix(CSP): unsafe-eval in default-src

commit f51f0a0
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 16:52:14 2025 -0600

    fix(CSP): move trusted list to default-src

commit 83b2ba7
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 16:38:05 2025 -0600

    fix(CSP): explicit habitica/aws in script-src

commit d5ca517
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 16:31:38 2025 -0600

    fix(CSP): need escaped single quotes

commit c677a1f
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 16:27:46 2025 -0600

    fix(CSP): unsafe-eval

commit 6ef35c3
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 16:15:07 2025 -0600

    fix(CSP): might need to skip entirely in dev but try no 'self'

commit 5759fb3
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 12 15:51:26 2025 -0600

    fix(csp): permit AWS in default-src

commit 9f238ab
Author: Kalista Payne <[email protected]>
Date:   Fri Dec 5 17:22:25 2025 -0600

    fix(csp): update helmet version to latest

commit 9462e90
Author: Kalista Payne <[email protected]>
Date:   Tue Nov 25 09:27:05 2025 -0600

    feat(security): implement CSP

commit 72539f9
Author: Kalista Payne <[email protected]>
Date:   Wed Dec 10 14:16:53 2025 -0600

    5.42.2

commit dabd466
Author: Kalista Payne <[email protected]>
Date:   Wed Dec 10 14:16:48 2025 -0600

    Revert "Chat optimization (#15545)"

    This reverts commit 2917955.

commit 8bf2304
Author: Kalista Payne <[email protected]>
Date:   Wed Dec 10 14:15:48 2025 -0600

    chore(event): G1G1 date tweaks

commit 6937dc4
Author: Kalista Payne <[email protected]>
Date:   Mon Dec 8 16:37:04 2025 -0600

    fix(subscription): couple more layout tweaks

@SabreCat marked this pull request as draft January 6, 2026 21:30

Development

Successfully merging this pull request may close these issues.

Missing Content Security Policy (CSP)