Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-1386

add content security policy to only allow scripts from self (prevent XSS)

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Minor
    • None
    • None
    • UI
    • None

    Description

      HTTP header:

      Content-Security-Policy: script-src 'self'

      Param to disable this or add more sites

      Attachments

        Activity

          People

            chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
            chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: