-
Hello,
given the fact gtm4wp_get_the_gtm_tag filter is deprecated, we cannot add nonce to gtm4wp scripts and include in website Content Security Policy.
Why is this filter deprecated, do you plan…
-
### Prerequisites
- [X] I [searched for any existing report](https://github.com/darkreader/darkreader/issues?q=is%3Aissue) about this bug to avoid opening a duplicate.
- [X] I can reproduce this b…
-
@oioki is proposing in https://github.com/getsentry/sentry/pull/47980 to add a minimal CSP implementation for self-hosted. Do we want to collect these from the field?
The [consent](https://github.c…
-
### Current behavior
When running cypress tests in GUI mode against a page with a content-security-policy (csp) such as
```
```
The tests appear to run fine, and the html page loads correctly …
-
I remember the English versions of CSP cannot use plugins. Can this work with the new 2.0 English version? Or is it still locked behind the Japanese version?
-
Question 1: Schema Change
![image](https://github.com/TDWolff/AtlasIndex/assets/142456240/6447f176-12df-4638-81aa-445f456b1da4)
-
I'm trying to do inject a script with an eval(), but i get this error:
**Content-Security-Policy: The page’s settings observed the loading of a resource at inline (“script-src”). A CSP report is be…
-
I'm opening this issue to discuss whether and what parts of the trusted types spec should be upstreamed to the CSP spec.
We currently define extensions to the CSP spec in https://w3c.github.io/trus…
-
Hello, how can we expose this app to the internet? I see we can execute "access-kubernetes.sh" to expose the app internally. How can we do it using LoadBalancer SVC type on CSPs (AWS for example)? Tha…
-
AFAIK this isn't resolved, but we're seeing an issue where the parent page's aggressive policy is preventing the iframe from loading assets. It looks like we might be able to use the [``](https://w3c.…