Actions
Bug #104727
closed
Mode "reduce" in csp.yaml not working
Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Content Security Policy
Target version:
-
Start date:
2024-08-25
Due date:
% Done:
100%
Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:
Description
I defined the following csp.yaml:
inheritDefault: true
mutations:
- mode: reduce
directive: 'style-src-attr'
sources:
- "'unsafe-inline'"
to remove the 'unsafe-inline" source from "style-src-attr". However, the header still sends it:
style-src-attr 'unsafe-inline' 'report-sample';
Updated by 
Updated by 
Updated by
Actions