-
Active deployments field is shown currently also for CSP user. This is fine but the "view services" link is not needed.
It currently takes to a page which is not valid for CSP user.
![image](htt…
-
## Build Information
Build: https://dev.azure.com/dnceng-public/cbb18261-c48f-4abb-8651-8cdcb5474649/_build/results?buildId=724252
Build error leg or test failing: System.Security.Cryptography.Csp.T…
-
Since Magento 2.4.7 **and** 2.4.6-p1 strict CSP ruling is enabled in the Magento checkout (and adminhtml) area. This the module uses several inline `` tags in its templates this needs to be adressed b…
-
Please be so kind and take a look into `etc/config.xml`.
The following disabled the report only mode for the entire storefront:
```
0…
-
Hello,
I believe i have found a bug, or that my knowledge of CSP is lacking.
Given the following csp configuration:
```
csp:
enforce:
level1_fallback: false
…
-
### System Info
"@xenova/transformers": "^2.17.1",
node : v20.12.2
npm: 10.5.0
windows 11
### Environment/Platform
- [X] Website/web-app
- [X] Browser extension
- [X] Server-side (e.g., …
-
On the admin-side we have the constant TEXTPATTERN_CSP_NONCE and the `\Textpattern\UI\Script` and `\Textpattern\UI\Style` methods to output `script src`, `script`, `style` and `link rel="stylesheet"` …
-
Is there any chance to fix the code being blocked by the CSP in future releases?
https://web.dev/articles/csp?utm_source=devtools#unsafe-eval
We'd like to use Molstar but it goes against our SOC2 …
-
Currently, data exchange capabilities that are exposed to the Web are restricted through [CSP connect-src](https://www.w3.org/TR/CSP3/#directive-connect-src), which restricts which origins can be conn…
-
Consider the two custom "links" below.
```
"objectscript.conn": {
"active": true,
"links": {
"Launch Zen page": "${serverUrl}/csp/${namespace}/${classname}.cls",
…