Page MenuHomeSoftware Heritage
Create Task
Maniphest T4028

Define and add a CSP to the web app
Closed, MigratedEdits Locked
Actions

Description

We have found a couple of XSS vulnerabilities over the years, and there may be a few more that we are unaware of.

a strict Content-Security-Policy should help mitigate them.

Related Objects

Event Timeline

vlorentz triaged this task as Normal priority.Mar 9 2022, 8:16 PM
vlorentz created this task.
VickyMerzOwn added a subscriber: VickyMerzOwn.Apr 19 2022, 12:51 AM

This looks really interesting to me. How exactly can I get started? Where is the web app present? (Isn't it hosted on Docker?)

vlorentz mentioned this in T4231: Split archive browsing and administration/moderation.May 11 2022, 11:19 AM
gitlab-migration closed this task as Migrated.Jan 8 2023, 5:03 PM
gitlab-migration claimed this task.
gitlab-migration added a subscriber: gitlab-migration.

This task has been migrated to GitLab.

About · Developer information · Legal