-
### Symfony version(s) affected
7.1.3
### Description
The CSP is handled by the NelmioSecurityBundle.
When navigating using UX Turbo Drive the WDT does not show up and these errors arise:
`…
-
We are using Angular as the frontend and Node.js as the backend, both served on the same port. Helmet is being used to manage security headers, with a global configuration for most routes, and a speci…
-
### General information
* SDK/Library version: 1.40.2
* Environment: Sandbox and Production
* Browser and OS: All
### Issue description
I find the CSP documentation to be incomplete.
I imp…
-
This is super opinionated, but I personally find the toggles very confusing. Perhaps replacing them with a drop down list to make it clearer?
![image](https://github.com/user-attachments/assets/2f9…
-
### 选手姓名
王思博
### 错误类别
错误合并
### 错误详情
我是王思博。
我初中就读于 青岛格兰德中学
高中就读于 山东省青岛第二中学
现在是高一
我仅有一个获奖:2021年 CSP-J 一等奖 277分
我在初三时参加的CSP-S并没有通过初赛
所以网站上的关于我在初三的参加CSP-J 的获奖并不是我,是一个重名的人。
### 承诺
- [X] 在提交这个 …
-
# Description
The current implementation of registering CSP rules is not flexible enough and frequently breaks ocis instances (at least the web ui). Since CSP rules are for the web client it would …
-
I suggest we have a CSP requirement that moves folks away from allow-lists to a nonce or hash strict-dynamic policy (CSP3 stuff) which is much easier to deploy and more secure.
-
Nuxt 2 implementation:
- https://github.com/nuxt/nuxt.js/blob/dev/packages/server/src/middleware/nuxt.js#L130
- (also fragmentations in several places)
I guess we can try making an standard unjs …
-
### Description
In web version of Ente, this is blocked by uBlock Origin. I understand this might concern content security policy, but why is it reported as a tracker by uBo ?
### Version
/
### Wh…
-
**Describe the bug**
If a nonce has been passed to the component, it is not forwarded to the MantineProvider (as getStyleNonce). This results in the mantine styles not being applied - and the slas…