Actions
Bug #100446
closedEpic #87417: Integrate proper Content Security Policy (CSP) handling
Feature #99499: Introduce Content Security Policy handling
Add youtube-nocookie.com to static CSP declarations
Start date:
2023-04-04
Due date:
% Done:
100%
Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:
Description
- TYPO3 backend
- introduction-package installed
- visit Web → View Module
- select
/Congratulations/Content Examples/Media/ (46)
in page tree
Refused to frame 'https://www.youtube-nocookie.com/' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.
Updated by Gerrit Code Review almost 2 years ago
- Status changed from New to Under Review
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/78459
Updated by Oliver Hader almost 2 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 5743c855fe6a1784b6024c6500bcb48f2ead34f2.
Actions