issues
search
google
/
csp-evaluator
https://csp-evaluator.withgoogle.com
Apache License 2.0
313
stars
45
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
No public description
#68
copybara-service[bot]
closed
3 days ago
0
Missing *-src directives when default-src is unspecified
#67
hansmach1ne
closed
3 days ago
1
script-src 'wasm-unsafe-eval' reported as invalid
#66
joergbaier
opened
5 months ago
0
`CspParser` wrongly split directive using `data:` source containing `;base64...`
#65
Pamplemousse
opened
5 months ago
0
Parsing comma separated CSPs + cleanup
#64
MaxNad
opened
6 months ago
1
Add several JSONP endpoints
#63
Ry0taK
opened
7 months ago
1
Newrelic endpoint no longer exists
#62
fsacer
opened
10 months ago
0
www.googletagmanager.com does not need unsafe-eval for CSP bypass
#61
masatokinugawa
opened
1 year ago
0
CSP evaluator doesn't support newest the newest CSP directives and keywords and breaks some policies
#60
GalacticHypernova
opened
1 year ago
0
Remove dev.virtualearth.net
#59
tosmolka
opened
1 year ago
0
Frame Ancestors are allowed to have non-leading wildcards
#58
HandyHat
opened
1 year ago
0
CSP extension for speculation rules
#56
Seirdy
opened
1 year ago
0
Hosted CSP Evaluator doesn't recognize 'wasm-unsafe-eval'
#54
wisefool769
opened
1 year ago
0
Remove deprecated Twitter JSONP Endpoint
#53
lucasassisrosa
closed
10 months ago
1
Bump minimatch from 3.0.4 to 3.1.2
#52
dependabot[bot]
closed
1 year ago
0
Remove Deprecated LinkedIn JSONP Endpoint
#51
smaury
closed
1 year ago
1
Fix missing comma and add more tests
#50
ddworken
closed
1 year ago
0
Fix missing comma and add more tests
#49
ddworken
closed
1 year ago
0
Fix missing comma and add more tests
#48
ddworken
closed
1 year ago
0
Add webrtc directive
#47
Seirdy
closed
1 year ago
0
Support wildcard as port number
#46
0xiso
closed
1 year ago
3
Remove appcenter.intuit.com
#45
ccloes
closed
2 years ago
4
Recognize the "navigate-to" nav directive
#44
Seirdy
closed
1 year ago
3
Don't recommend trusted-types if CSP blocks scripts
#43
Seirdy
opened
2 years ago
1
Internal change
#42
ddworken
closed
2 years ago
0
Internal change
#40
ddworken
closed
2 years ago
3
Change requests from Lighthouse
#39
adamraine
closed
2 years ago
3
Internal change
#38
copybara-service[bot]
closed
2 years ago
0
Internal change
#37
copybara-service[bot]
closed
2 years ago
0
Problem with latest version 1.0.2
#36
adrianaferrugento
closed
2 years ago
5
Allow the 'none' keyword for the `trusted-types` directive (fixes issue #33)
#35
copybara-service[bot]
closed
2 years ago
0
Add support for `navigate-to`
#34
craigfrancis
closed
1 year ago
1
Trusted Types should allow the 'none' keyword
#33
craigfrancis
closed
2 years ago
4
Internal change
#32
copybara-service[bot]
closed
3 years ago
0
Add unit tests
#31
copybara-service[bot]
closed
3 years ago
0
Internal change
#30
copybara-service[bot]
closed
3 years ago
0
Update gitignore
#29
copybara-service[bot]
closed
3 years ago
0
Internal change
#28
ddworken
closed
3 years ago
0
Internal change
#27
ddworken
closed
3 years ago
1
First push of modernized TS version
#26
ddworken
closed
3 years ago
0
improve parsing of multi-value CSP headers
#25
mrl5
opened
3 years ago
0
script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' reported as "all good"
#24
midist0xf
opened
3 years ago
0
Not setting directives that don't fallback to default-src should be raised as a severity finding.
#23
ddadon10
closed
3 years ago
1
Add "export to text file" feature in frontend
#22
cedricvanrompay
opened
3 years ago
0
Csp-evaluator installation problem
#21
alexsavv
opened
4 years ago
1
object-src [missing]
#20
dataCollegechurch
closed
3 years ago
2
Added support for Trusted Types to CSP Evaluator + small bug fixes.
#19
lweichselbaum
closed
4 years ago
1
`require-sri-for` has been deprecated
#18
Malvoz
closed
4 years ago
0
Trusted-Types
#17
Malvoz
closed
4 years ago
0
`reflected-xss` directive has been deprecated
#16
Malvoz
closed
4 years ago
0
Next