http://forge.typo3.org/http://forge.typo3.org/themes/typo3_forge/favicon/favicon.png?17058661692014-12-23T19:45:58ZTYPO3 ForgeTYPO3 Core - Task #63712: Avoid use of eval() and replace ithttp://forge.typo3.org/issues/63712?journal_id=2422322014-12-23T19:45:58ZMathias Schreibermathias.schreiber@typo3.com
<ul><li><strong>Target version</strong> changed from <i>7.0</i> to <i>7.1 (Cleanup)</i></li></ul> TYPO3 Core - Task #63712: Avoid use of eval() and replace ithttp://forge.typo3.org/issues/63712?journal_id=2615842015-06-15T17:08:30ZBenni Mackbenni@typo3.org
<ul><li><strong>Target version</strong> changed from <i>7.1 (Cleanup)</i> to <i>7.4 (Backend)</i></li></ul> TYPO3 Core - Task #63712: Avoid use of eval() and replace ithttp://forge.typo3.org/issues/63712?journal_id=2697362015-08-05T10:26:08ZSusanne Moogsusanne.moog@typo3.org
<ul><li><strong>Target version</strong> changed from <i>7.4 (Backend)</i> to <i>7.5</i></li></ul> TYPO3 Core - Task #63712: Avoid use of eval() and replace ithttp://forge.typo3.org/issues/63712?journal_id=2776412015-09-24T19:18:27ZBenni Mackbenni@typo3.org
<ul><li><strong>Target version</strong> changed from <i>7.5</i> to <i>7 LTS</i></li></ul> TYPO3 Core - Task #63712: Avoid use of eval() and replace ithttp://forge.typo3.org/issues/63712?journal_id=2835632015-10-28T23:16:01ZStefan Neufeindtypo3.neufeind@speedpartner.de
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Resolved</i></li></ul><p>just a few remaining evals, but all in JavaScript-code. Let's imho close it</p> TYPO3 Core - Task #63712: Avoid use of eval() and replace ithttp://forge.typo3.org/issues/63712?journal_id=2957112016-01-31T15:46:49ZPeter Proellpeter@typo3.org
<ul></ul><p>There is still (7.6) CSP Issues in the backend (/typo3).</p>
<p>We should add a fitting CSP to the .htaccess in /typo3. Currently I am adding</p>
<p><strong>Header set Content-Security-Policy "default-src * 'unsafe-eval' 'unsafe-inline';</strong></p>
<p>in /typo3/.htaccess to overrule the more strict CSP of the website itself and make the backend work as well.</p>
<p>It would be a nice security feature if the TYPO3 backend would support a stricter CSP.</p>
<p>Infos on CSP:<br /><a class="external" href="http://content-security-policy.com/">http://content-security-policy.com/</a><br /><a class="external" href="https://de.wikipedia.org/wiki/Content_Security_Policy">https://de.wikipedia.org/wiki/Content_Security_Policy</a></p> TYPO3 Core - Task #63712: Avoid use of eval() and replace ithttp://forge.typo3.org/issues/63712?journal_id=2957122016-01-31T15:51:50ZPeter Proellpeter@typo3.org
<ul></ul><p>Opened a new ticket <a class="external" href="https://forge.typo3.org/issues/73047">https://forge.typo3.org/issues/73047</a> as I cannot reopen this one.</p> TYPO3 Core - Task #63712: Avoid use of eval() and replace ithttp://forge.typo3.org/issues/63712?journal_id=3464522017-10-21T17:45:12ZRiccardo De Contardierredeco@gmail.com
<ul><li><strong>Status</strong> changed from <i>Resolved</i> to <i>Closed</i></li></ul>