-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce content security policy (CSP) #29545
Merged
Merged
+193
−13
Commits on Jan 31, 2019
-
csp: nonce and unsafe-eval for scripts
To kick things off, a rudimentary CSP implementation only allows dynamically loading new JavaScript if it includes an associated nonce that is generated on every load of the app. A more sophisticated content security policy is necessary, particularly one that bans eval for scripts, but one step at a time.
Configuration menu - View commit details
-
Copy full SHA for 9f40321 - Browse repository at this point
Copy the full SHA 9f40321View commit details -
Configuration menu - View commit details
-
Copy full SHA for d993433 - Browse repository at this point
Copy the full SHA d993433View commit details -
Configuration menu - View commit details
-
Copy full SHA for c92b482 - Browse repository at this point
Copy the full SHA c92b482View commit details -
Configuration menu - View commit details
-
Copy full SHA for 20b1714 - Browse repository at this point
Copy the full SHA 20b1714View commit details -
Configuration menu - View commit details
-
Copy full SHA for 876ddf6 - Browse repository at this point
Copy the full SHA 876ddf6View commit details -
Configuration menu - View commit details
-
Copy full SHA for d8b6af7 - Browse repository at this point
Copy the full SHA d8b6af7View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3dce3c9 - Browse repository at this point
Copy the full SHA 3dce3c9View commit details -
Configuration menu - View commit details
-
Copy full SHA for be59cf9 - Browse repository at this point
Copy the full SHA be59cf9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 86ae1d3 - Browse repository at this point
Copy the full SHA 86ae1d3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9d82aeb - Browse repository at this point
Copy the full SHA 9d82aebView commit details -
Configuration menu - View commit details
-
Copy full SHA for 06c39d9 - Browse repository at this point
Copy the full SHA 06c39d9View commit details
Commits on Feb 1, 2019
-
docs: people -> you for consistency sake
Co-Authored-By: epixa <court@epixa.com>
Configuration menu - View commit details
-
Copy full SHA for c5f9f3d - Browse repository at this point
Copy the full SHA c5f9f3dView commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.