-
We are using CSP headers in our application. As Flexlayout is encoding the images as base 64 image links, there is a security issue in loading base 64 images as it not whitelisted. To resolve this, w…
-
### Problem Statement
**Issue Grouping - Fingerprint Rules**
We are exploring the use of custom issue fingerprinting, for CSP notifications, so we can continue being alerted by them in Slack but…
-
There is an issue with some csp policies. eval is unsafe and may produce security problems.
> Allows the use of eval() and similar methods for creating code from strings. You must include the singl…
-
### Problem Statement
Other vendors like DataDog lets us define custom attributes as query params in the CSP report URIs.
This lets app specific additional data (other than environment and release v…
-
**Describe the bug**
Odd failure on PyPy, but not CPython. See PyPy bug for details: https://foss.heptapod.net/pypy/pypy/-/issues/3751
```
Traceback (most recent call last):
File "django-csp/…
-
### Is your feature request related to a problem? Please describe.
`X-Content-Security-Policy`, `X-Webkit-Csp`, `X-Xss-Protection`
-
Hello, I use TYPO3 v12.4.13 with a version of yoast 9.0.3.
The loading is looping and when looking at the console, we have csp errors:
"Refused to apply inline style because it violates the followi…
-
**Is your feature request related to a problem? Please describe.**
The `csp.typing` `Numpy1DArray` and `NumpyNDArray` types are confusing for users and lead to a lot of unexpected typing issues. We s…
-
### Problem Statement
I think we should capitalize on CSP and NEL way more - these are valuable and reliable source of problems in your app
right now, the way we surface these in our product reall…
HazAT updated
2 weeks ago
-
### Symfony version(s) affected
current
### Description
dump() is perfect for debugging. The dump window is apparently generated via a JS ` Sfdump = window.Sfdump ... `.
The use of CSP to p…
oioix updated
1 month ago