#Content Security Policy

Open on Drupal.org →

⚡️ Live updates comments, jobs, and issues, tagged with #Content Security Policy will update issues and activities on this page.

Issues

📌
Sanitize OR add Content-Security-Policy for SVGs
Active
Drupal core 11.0 — image.module
Created over 7 years ago
🇬🇧United Kingdom alexpott
14 days ago
📌
Add a default Content-Security-Policy and clickjacking defence to core
Needs review
Drupal core 11.0 — base system
Created over 9 years ago
🇺🇸United States pwolanin
27 days ago
✨
Implement a "semi automatic" Nonce settings
Needs work
Security Kit 2.0
Created about 3 years ago
🇧🇷Brazil barone
2 months ago
📌
[12.x] Set default Content-Security-Policy in services.yml
Postponed
Drupal core 11.0 — base system
Created 3 months ago
🇨🇦Canada gapple
3 months ago
📌
[D7] Convert drupalSettings from JavaScript to JSON, to allow for CSP in the future
RTBC
Drupal core 7.0 — javascript
Created over 8 years ago
🇬🇧United Kingdom catch
6 months ago
🐛
Script violates Content Security Policy rules.
Fixed
Editoria11y Accessibility Checker 2.1
Created 8 months ago
🇺🇸United States aaronpinero
7 months ago
📌
[11.x] Require array argument for AddCssCommand
Fixed
Drupal core 11.0 — ajax system
Created almost 2 years ago
🇫🇷France andypost
8 months ago
📌
Improve Drupal\Core\Ajax\AddCssCommand to accept an array of CSS assets
Fixed
Drupal core 10.1 — ajax system
Created almost 5 years ago
🇨🇦Canada gapple
10 months ago
🐛
[upstream] Modernizr prevents strict CSP
Closed: duplicate
Drupal core 10.1 — javascript
Created almost 8 years ago
🇳🇱Netherlands heine
almost 2 years ago

Activities

No activities found.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024

#Content Security Policy

Issues

Sanitize OR add Content-Security-Policy for SVGsActiveDrupal core 11.0 — image.module Created over 7 years ago

Add a default Content-Security-Policy and clickjacking defence to coreNeeds reviewDrupal core 11.0 — base system Created over 9 years ago

Implement a "semi automatic" Nonce settingsNeeds workSecurity Kit 2.0 Created about 3 years ago

[12.x] Set default Content-Security-Policy in services.ymlPostponedDrupal core 11.0 — base system Created 3 months ago

[D7] Convert drupalSettings from JavaScript to JSON, to allow for CSP in the futureRTBCDrupal core 7.0 — javascript Created over 8 years ago

Script violates Content Security Policy rules.FixedEditoria11y Accessibility Checker 2.1 Created 8 months ago

[11.x] Require array argument for AddCssCommandFixedDrupal core 11.0 — ajax system Created almost 2 years ago

Improve Drupal\Core\Ajax\AddCssCommand to accept an array of CSS assets FixedDrupal core 10.1 — ajax system Created almost 5 years ago

[upstream] Modernizr prevents strict CSPClosed: duplicateDrupal core 10.1 — javascript Created almost 8 years ago

Activities

Sanitize OR add Content-Security-Policy for SVGs
Active
Drupal core 11.0 — image.module
Created over 7 years ago

Add a default Content-Security-Policy and clickjacking defence to core
Needs review
Drupal core 11.0 — base system
Created over 9 years ago

Implement a "semi automatic" Nonce settings
Needs work
Security Kit 2.0
Created about 3 years ago

[12.x] Set default Content-Security-Policy in services.yml
Postponed
Drupal core 11.0 — base system
Created 3 months ago

[D7] Convert drupalSettings from JavaScript to JSON, to allow for CSP in the future
RTBC
Drupal core 7.0 — javascript
Created over 8 years ago

Script violates Content Security Policy rules.
Fixed
Editoria11y Accessibility Checker 2.1
Created 8 months ago

[11.x] Require array argument for AddCssCommand
Fixed
Drupal core 11.0 — ajax system
Created almost 2 years ago

Improve Drupal\Core\Ajax\AddCssCommand to accept an array of CSS assets
Fixed
Drupal core 10.1 — ajax system
Created almost 5 years ago

[upstream] Modernizr prevents strict CSP
Closed: duplicate
Drupal core 10.1 — javascript
Created almost 8 years ago