-
Regarding the [@media scripting features, value `none`](https://www.w3.org/TR/mediaqueries-5/#valdef-media-scripting-none), the current specification reads:
> [...]the value of the scripting media…
-
Hello there,
I use HTML5 video element on my website and a strict Content-Security-Policy directive (default-src 'self'). I get this error message in Google Chrome console when I load for the first…
-
Hey Y’all, I’m an intern at Google and am working on adding or improving web security features for open source frameworks.
I think the current default CSP configuration could be made more friendly …
-
Using this example CSP:
`content-security-policy: default-src 'none'; base-uri 'none'; frame-ancestors 'self'; script-src 'strict-dynamic' 'nonce-VVz1fXT3a0vl40s51oUfepWP2SS22WWFPA+HKdp5dUE=' https: …
-
I currently have a content security policy setup in my application, however it is not detected by bullet (I am running v7.0.7 of bullet). In order to investigate I went ahead and put a breakpoint in t…
-
I haven't thought about this much, but there are probably some useful things.
At the very least, something like `default-src: https://*` with mixed content.
-
Remove all inline styles and move those to css files or use already existing utility class names.
-
- Site: [https://917664251fec2f0623b5a3eae24d4deb.serveo.net](https://917664251fec2f0623b5a3eae24d4deb.serveo.net)
**New Alerts**
- **CSP: Wildcard Directive** [10055] total: 3:
- [https://9…
-
### Is your feature request related to a problem? Please describe.
1. Currently Errors in JS/PHP can be reported only to phpmyadmin reporting server
https://github.com/phpmyadmin/error-reporting-s…
-
- Site: [https://develop.d3kjwk6i5to4jv.amplifyapp.com](https://develop.d3kjwk6i5to4jv.amplifyapp.com)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 1:
- […