Actions
Bug #24015
closed
Use Content-Security-Policy strict headers
Pull Request:
Severity:
Trivial - no functional impact | cosmetic
UX impact:
User visibility:
Effort required:
Large
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No
Description
We would like to use strict Content-Security-Policy headers when returning HTTP response headers to enforce better security of the HTML pages in Rudder webapp.
It follows CSP 3 specification (https://www.w3.org/TR/CSP3/) and is implemented by common and modern web browsers
Updated by Vincent MEMBRÉ 10 months ago
- Target version changed from 8.1.0~alpha1 to 8.1.0~beta1
Updated by Vincent MEMBRÉ 9 months ago
- Target version changed from 8.1.0~beta1 to 8.1.0~beta2
Updated by Clark ANDRIANASOLO 9 months ago
- Related to Bug #24405: Node tabs have onclick event handlers assigned on unrendered elements added
Updated by Alexis Mousset 8 months ago
- Status changed from New to Pending release
Updated by Vincent MEMBRÉ 8 months ago
This bug has been fixed in Rudder 8.1.0~beta2 which was released today.
Updated by Vincent MEMBRÉ 8 months ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 8.1.0~beta2 which was released today.
Updated by Clark ANDRIANASOLO 5 months ago
- Related to Bug #25032: Use Content-Security-Policy strict headers in utilities pages added
Actions