Actions
Task #87422
open
Epic #87417: Integrate proper Content Security Policy (CSP) handling
Integrate extension meta-manifest
Status:
Accepted
Priority:
Should have
Assignee:
-
Category:
composer
Target version:
Start date:
2019-01-13
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
11
PHP Version:
Tags:
Complexity:
Sprint Focus:
Description
In order to allow that some 3rd party extension is retrieving data from remote sources, this has to be declared in a structured way in a extension manifest.
Idea/Documentation:¶
Example (this requires more research on standards and how it could be declared better):
{
"remoteSources": {
"script": [
],
"style": [
"type": "font",
"url": "https://use.fontawesome.com/releases/v5.6.3/css/all.css",
"description": "In order to make use of... (description for admin that grants access to this resource)"
]
}
}
Current Draft¶
- see https://notes.typo3.org/yq1hOL2NSaiqH0jcFREQsA?view
- or markdown file attached to this issue
- consider adding signatures/hashes over content to be embedded (→ someone™ would have to verify the content)
Files
Updated by Oliver Hader over 3 years ago
- Subject changed from Integrate remote resource manifest to Integrate extension meta-manifest
Updated by Oliver Hader over 3 years ago
- Description updated (diff)
- Status changed from New to Accepted
- TYPO3 Version changed from 10 to 11
Updated by Oliver Hader over 3 years ago
Updated by Oliver Hader about 3 years ago
- Target version changed from Candidate for Major Version to 12 LTS
Updated by Benni Mack over 1 year ago
- Target version changed from 12 LTS to Candidate for patchlevel
Actions