Closed cleptric closed 1 year ago
Since version 2.8.0, the report-uri is wrongly encoded when injecting the CSP header.
report-uri
2.8.0
report-uri https%3A//
2.7.0
report-uri https://...
This leads to a 404 if a CSP violation happens, as the browser prefixes the request with the local URL.
Same issue here. Filed a PR: #61
Since version 2.8.0, the
report-uri
is wrongly encoded when injecting the CSP header.2.8.0
2.7.0
This leads to a 404 if a CSP violation happens, as the browser prefixes the request with the local URL.