Bug #100905: Deny base-uri and object-src per default - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #100905

closed

Epic #87417: Integrate proper Content Security Policy (CSP) handling

Feature #99499: Introduce Content Security Policy handling

Deny base-uri and object-src per default

Added by Oliver Hader over 1 year ago. Updated 4 months ago.

Status:

Closed

Priority:

Should have

Assignee:

Oliver Hader

Category:

Security

Target version:

Start date:

2023-05-20

Due date:

% Done:

Estimated time:

TYPO3 Version:

PHP Version:

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

new MutationCollection(
    new Mutation(MutationMode::Set, Directive::ObjectSrc, SourceKeyword::none),
    new Mutation(MutationMode::Set, Directive::BaseUri, SourceKeyword::none),
)

Related issues 1 (0 open — 1 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Watchers (1)

Bug #100905

Deny base-uri and object-src per default

Updated by Oliver Hader about 1 year ago

Updated by Oliver Hader about 1 year ago

Updated by Benni Mack 4 months ago