Project

General

Profile

Actions

Task #100887

open

Allow remote proxies to handle CSP nonce values

Added by Oliver Hader over 1 year ago. Updated 22 days ago.

Status:
Under Review
Priority:
Should have
Assignee:
-
Category:
Content Security Policy
Target version:
-
Start date:
2023-05-16
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

→ find examples at https://scotthelme.co.uk/csp-nonces-the-easy-way-with-cloudflare-workers/

Find a way that e.g. uses a static nonce value, e.g. <script src="..." nonce="[[nonce-placeholder]]"> which will be substituted by a remote proxy server (nginx, CloudFlare, ...). In addition, that proxy server would have to take care of adjusting the CSP HTTP headers as well.


Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #103149: CSP prevents sitemap.xml inline CSS stylesResolved2024-02-19

Actions
Actions

Also available in: Atom PDF