Security: Add configurable CSP headers #8261
Labels
Category:Enhancement
Add new functionality
Priority:p2-high
Escalation, on top of current planning, release blocker
Comments
micbar
added
Category:Enhancement
|
Started in cs3org/reva#4471 Cannot go into 5.0.0 because of code freeze. |
|
fixed by #8761 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
CSP (Content Security Policy) headers are improving the security of the application.
We need to make them configurable.
Resources https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
Describe the solution you'd like
Add configuration for a configurable CSP
Describe alternatives you've considered
Reverse proxies can add headers, but that is often too generic.
The text was updated successfully, but these errors were encountered: