Project

General

Profile

Actions
Copy link

Task #100141

closed

Epic #87417: Integrate proper Content Security Policy (CSP) handling

Feature #99499: Introduce Content Security Policy handling

Add possibility to add resource hashes

Added by Oliver Hader about 1 year ago. Updated 3 months ago.

Status:
Closed
Priority:
Should have
Assignee:
Oliver Hader
Category:
Security
Target version:
12 LTS
Start date:
2023-03-11
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

  • support SHA256 (default), SHA384 or SHA512 as HashType enum
  • HashValue('<base-64-value', HashType::SHA256)
  • HashFileCollection(['EXT:extension/Resources/Public/file.js'], HashType::SHA256)
  • SourceKeyword::unsafeHashes
  • extend documentation + info about consequences when using nonce or hash values

Related issues 2 (0 open2 closed)

Related to TYPO3 Core - Bug #101183: CSP hash values cannot be reconstitutedResolved2023-06-27

Actions
Is duplicate of TYPO3 Core - Feature #87420: Integrate signatures for Stylesheet and JavaScript resourcesClosed2019-01-13

Actions
Actions
Copy link
 #1

Updated by Oliver Hader about 1 year ago

  • Description updated (diff)
Actions
Copy link
 #2

Updated by Oliver Hader about 1 year ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by Oliver Hader about 1 year ago

  • Tracker changed from Task to Feature
  • TYPO3 Version deleted (12)
Actions
Copy link
 #4

Updated by Gerrit Code Review about 1 year ago

  • Status changed from New to Under Review

Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78102

Actions
Copy link
 #5

Updated by Gerrit Code Review about 1 year ago

Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78102

Actions
Copy link
 #6

Updated by Gerrit Code Review about 1 year ago

Patch set 3 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78102

Actions
Copy link
 #7

Updated by Oliver Hader about 1 year ago

  • Tracker changed from Feature to Task
  • TYPO3 Version set to 12
Actions
Copy link
 #8

Updated by Gerrit Code Review about 1 year ago

Patch set 4 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78102

Actions
Copy link
 #9

Updated by Gerrit Code Review about 1 year ago

Patch set 5 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78102

Actions
Copy link
 #10

Updated by Oliver Hader about 1 year ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions
Copy link
 #11

Updated by Oliver Hader about 1 year ago

  • Is duplicate of Feature #87420: Integrate signatures for Stylesheet and JavaScript resources added
Actions
Copy link
 #12

Updated by Oliver Hader 10 months ago

  • Related to Bug #101183: CSP hash values cannot be reconstituted added
Actions
Copy link
 #13

Updated by Benni Mack 3 months ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF