-
### Welcome
- [X] Yes, I'm using the latest major release. Only such installations are supported.
- [X] Yes, I'm using the supported system. Only such systems are supported.
- [X] Yes, I have read al…
-
I am looking for sample code for springwolf-ui (without plugin) using an asyncapi file. I tried the steps provided at https://www.springwolf.dev/docs/faq but couldn't get the springwolf UI generated from my …
-
#### Description
This issue proposes adding the `base-uri` directive to our Content Security Policy (CSP) to enhance security by controlling the base URL used for resolving relative URLs in our web…
-
Has anyone faced this issue in Google Chrome Canary v130?
```
content-script-loader.chunk-1f004067.310380a0.js:7 Refused to load the script 'chrome-extension://xxx/assets/chunk-1f004067.js' because…
-
**Issue Summary**
Currently, our Flask application served with Gunicorn is triggering a medium security warning related to Content Security Policy (CSP). While we have a basic CSP in place (frame-a…
-
Description:
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. T…
-
To enhance the security of the platform, I propose implementing a strict [Content Security Policy (CSP)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP). A well-defined CSP helps mitigate vario…
-
Let's work to remove the 'unsafe-inline' and 'unsafe-eval' from the CSP.
-
Description: The lack of the protection may allow the use of a Cross-Site Scripting
Potential Impact: Depends on the Cross-Site Scripting used when exploiting this lack of protection.
Affected part …
-
### What happens?
I have created a minimal example to demonstrate the CSP issue (https://github.com/michaelg-baringa/scalar-example/blob/main/nextjs-blog/README.md)
When navigating to http://local…