Implement a Content-Security-Policy TODO - BMC/OpenBmc/bmcweb.git - A do everything Redfish, KVM, GUI, and DBus webserver for OpenBMC (mirror)

diff options

author	Ed Tanous <ed@tanous.net>	2024-04-14 19:57:09 +0300
committer	Ed Tanous <ed@tanous.net>	2024-04-23 17:58:29 +0300
commit	c056aa7aa2438d16b1a3f1db20e6aac2694ca455 (patch)
tree	7328ae94e1c35298b27d542480d42dcff36d7203 /meson_options.txt
parent	003301a24bad4cfe066bb1f5720243a3f7c45742 (diff)
download	bmcweb-c056aa7aa2438d16b1a3f1db20e6aac2694ca455.tar.xz

Implement a Content-Security-Policy TODO

This TODO has been in bmcweb for a very long time. Implement it. W3 sets rules for what security policies apply to which content types[1]. Reading through this, essentially CSP should only apply to HTML files. Tested: Unit tests pass. Webui loads properly. Chrome network window Shows headers show up as expected. [1] https://www.w3.org/TR/CSP2/#which-policy-applies Change-Id: I5467d0373832668763c72a66da2a8872e07bfb58 Signed-off-by: Ed Tanous <ed@tanous.net>

Diffstat (limited to 'meson_options.txt')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: