-
AFAIK this isn't resolved, but we're seeing an issue where the parent page's aggressive policy is preventing the iframe from loading assets. It looks like we might be able to use the [``](https://w3c.…
-
Since the script for mitm is in the html itself, our CSP throws an error when configuring script-src to self.
We have implemented a workaround by adding the script hash to the CSP.
The downside of t…
-
https://www.hardenize.com/report/thesslstore.com/1518813280#www_csp
> default-src data: 'unsafe-inline' 'unsafe-eval' *
Could you please mark the whole CSP result always red, if there is a * or ht…
-
I am trying to run an MDAL query for thermostat heat setpoint and cooling setpoint with the python dataclient.
This is how I call the query:
I am getting this error -- **No UUIDS**
…
-
**Describe the bug**
I have to enable policy unsafe-eval when I want the default autosuggest client code.
The problem is that JSONP requires the use of eval() on the client side JSONP has been super…
-
The function needs feedback from the console to know if it is working or not
do ##class(bdb.sql.Dump).Dump("BI_Study.City", "/tmp/table.csv")
-
Within the Arc Connectivity team, we make use of CSP (client-side proxy).
A sender component used to send messages for our scenarios. The code we use for our Pop scenario is the same one as PoP.
…
-
The current code only allows a singular CSP policy, which is technically not correct according to CSP3.
Update the code so that it can handle multiple CSP policies, by combining them together.
-
### Description and related issues
Our CSP configuration is current held in a lambda which is a little cumbersome to update and read. We should transition to using the [helmet module](https://www.npmj…
-
**Description**
Currently evalStringExpression uses Function constructor to change expression to function.
**Minimal Reproduction**
https://stackblitz.com/edit/ngx-formly-ui-bootstrap-f34u6m…