-
```
What steps will reproduce the problem?
1. Use an app that enforces a strict CSP
2. Open Console
3. Observe Errors
What is the expected output? What do you see instead?
I expect to see no error in…
-
I have a app that's running on NextJS using NX as a monorepo tool. The consequence of this is that my .next directory is in a different directory from the project root.
next-safe-middleware seems to…
-
**Motivation**
We currently have an `authz.fleet.*` checking across a couple of APIs in the CSP plugin, and that seems to trigger errors such as [this](https://github.com/elastic/kibana/issues/1840…
-
Lorsque l'on retourne sur les déclarations, pour l'indicateur écart de rémunération, les écarts à 0 par CSP et tranches d'âge ne sont plus affichés.
Ces écarts sont présents dans le fichier Excel dg…
-
database, with database schema change:
Score 0.89
db.Column change:
Initialization data code:
-
### Describe the bug
We have the nonce configured as part of the PrimeVue setup, but there are still many warnings.
They seem to come from a few places as seen in the screenshot.
### Reproducer
…
-
Would it be possible, to make pdfkit usable with a CSP not allowing eval()? As our site handles personal data, all eval() is not allowed to be executed, rendering pdfkit unusable.
-
# 🐞 bug report
### Affected Package
The issue is caused by package @angular/service-worker:9.1.7
### Is this a regression?
Nope, seems to always been there
### Description
Su…
-
- Site: [https://bscytxzsc3.execute-api.ap-south-1.amazonaws.com](https://bscytxzsc3.execute-api.ap-south-1.amazonaws.com)
**New Alerts**
- **CSP: Wildcard Directive** [10055] total: 1:
- [h…
-
Without a default value for `default-src` certain other directives like `connect-src` will currently fallback to "allow all" (today's default). This can lead to a regression because adding the followi…