Feature #87423

Epic #87417: Integrate proper Content Security Policy (CSP) handling

Integrate CSP management module

Added by Oliver Hader over 2 years ago. Updated 10 days ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
Backend User Interface
Start date:
2019-01-13
Due date:
% Done:

0%

Estimated time:
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

In oder to grant access, configure behavior and monitor configuration flaws or violations (e.g. of 3rd party extensions) a content security policy management module shall be integrated.

  • grant/revoke access (based on manifest)
  • configure content security level (predefined/presets)
  • log of recent violations with UI filter capabilities (search for URI, type, date/time, ...)

DRAFT CSP rules

DRAFT CSP reports


Files

mockup_Rules.png (80.4 KB) mockup_Rules.png DRAFT CSP rules Oliver Hader, 2021-05-06 17:52
mockup_Reports.png (89.3 KB) mockup_Reports.png DRAFT CSP reports Oliver Hader, 2021-05-06 17:52
typo3_csp.bmpr (100 KB) typo3_csp.bmpr Balsamiq mockup Oliver Hader, 2021-05-06 17:52
#1

Updated by Oliver Hader 10 days ago

Also available in: Atom PDF