#8470 Add CSP Headers

v1.15.0
closed
Guillermo Cruz
None
General
Dave Brondsema
2023-09-14
2022-09-27
Guillermo Cruz
No

There's a couple of Content Security Policy headers we can add as an extra layer of security. Some of these header are obj-src, upgrade-insecure-request, frame-ancestors and form-action.

frame-ancestors and form-action can be configurable

Discussion

  • Guillermo Cruz - 2022-09-28
    • status: in-progress --> review
     

  • Dave Brondsema

    Dave Brondsema - 2022-10-14
    • status: review --> closed
    • Reviewer: Dave Brondsema
     

  • Guillermo Cruz - 2023-09-14
    • Milestone: unreleased --> v1.15.0
     

Log in to post a comment.