Issues for Content-Security-Policy

Log in or register to create an issue
Advanced search

Displaying 1 - 33 of 33

Title	Status	Priority	Category	Version	Component	Replies	Last updated	Assigned to	Created
Content-Security-Policy: The page’s settings blocked the loading of a resource at blob: (“default-src”).	Active	Normal	Support request	8.x-1.x-dev	Code	2	2 weeks 6 hours		2 weeks 4 days
Add CSP entries on a per page basis	Active	Normal	Feature request	2.x-dev	Code	4	2 weeks 6 hours		2 weeks 6 days
Automated Drupal 11 compatibility fixes for csp	Needs review	Normal	Task	8.x-1.x-dev	Code	2	2 weeks 5 days		2 weeks 5 days
Add helper for safely appending nonce/hash sources	Needs review	Normal	Feature request	8.x-1.x-dev	Code	6	2 weeks 5 days	gapple	4 months 2 days
Remove X-Frame-Options Header	Active	Minor	Task	2.x-dev	Code	1	2 weeks 6 days		2 weeks 6 days
Provide a README	Needs review	Normal	Task	8.x-1.x-dev	Code	11	1 month 5 days		1 year 2 months
Enable conditional/alternate directive values	Active	Normal	Feature request	2.x-dev	Code	3	2 months 1 week		5 months 3 weeks
Provides a filter to add nonce attribute to inline scripts.	Needs work	Normal	Feature request	8.x-1.x-dev	Code	3	2 months 1 week		3 months 2 weeks
Create script-src from script-src-attr and script-src-elem	Postponed	Normal	Feature request	2.x-dev	Code	5	3 months 5 days		4 years 4 months
Drop support for Drupal 10.0	Postponed	Normal	Task	2.x-dev	Code	4	3 months 5 days		4 months 1 week
Use Choice config validation constraint	Postponed	Minor	Task	2.x-dev	Code	8	3 months 5 days		8 months 3 weeks
Remove supression of 'none' behaviour deprecation warning	Active	Normal	Task	8.x-1.x-dev	Code	3	3 months 5 days		3 months 5 days
Only add header to relevant responses	Needs work	Normal	Task	2.x-dev	Code	6	3 months 5 days		5 years 5 months
Copy configuration between report-only and enforced	Active	Minor	Feature request	2.x-dev	Code	4	3 months 5 days		5 years 9 months
Provide different CSP policy for private files	Active	Normal	Feature request	2.x-dev	Code	2	3 months 5 days		3 years 8 months
Improve handling of sources from libraries	Active	Normal	Plan	2.x-dev	Code	2	3 months 5 days		5 months 4 days
CSP 2.0	Active	Normal	Plan	2.x-dev	Code	6	3 months 5 days		5 years 4 months
Deprecate Site Log reporting handler	Postponed	Normal	Task	2.x-dev	Code	3	3 months 5 days		5 years 4 months
Remove code for Firefox bug 1313937	Postponed	Normal	Task	2.x-dev	Code	2	3 months 5 days		3 months 3 weeks
Improve default config	Active	Normal	Task	8.x-1.x-dev	Code	4	3 months 2 weeks		9 months 3 weeks
Support 'inline-speculation-rules' keyword	Active	Normal	Task	8.x-1.x-dev	Code	1	3 months 3 weeks		3 months 3 weeks
Add setting for pretty printing violoation reports in the log	Active	Normal	Feature request	8.x-1.x-dev	Code	7	3 months 3 weeks		10 months 2 days
Missing style-src-attr unsafe-inline on Views edit page	Postponed (maintainer needs more info)	Normal	Bug report	8.x-1.x-dev	Code	2	4 months 1 day		2 years 5 months
Implementation of hook_help() in module file	Needs work	Normal	Task	8.x-1.x-dev	Code	5	4 months 1 day		1 year 2 weeks
Use full file path for external library sources	Needs work	Normal	Feature request	8.x-1.x-dev	Code	6	4 months 1 day		2 years 2 months
Cache CSP header for dynamic requests	Needs work	Normal	Feature request	8.x-1.x-dev	Code	6	4 months 1 day		1 year 4 months
CSP headers are overflowing when in maintenance mode (throws error 502)	Needs work	Normal	Feature request	8.x-1.x-dev	Code	4	4 months 3 weeks		5 months 1 day
Recommended way to add all Google supported domains for GA audience image	Active	Normal	Support request	8.x-1.x-dev	Code	6	4 months 3 weeks		5 months 4 days
Better CSP support for themes	Active	Normal	Plan	8.x-1.x-dev	Code	5	5 months 1 week		5 months 1 week
Allow script / style by nonce	Postponed	Normal	Feature request	8.x-1.x-dev	Code	13	5 months 2 weeks		4 years 6 months
Make auto sources configurable	Reviewed & tested by the community	Normal	Feature request	8.x-1.x-dev	Code	12	6 months 3 weeks		2 years 3 months
Provide help text on how to handle scheme sources like "blob:"	Active	Normal	Feature request	8.x-1.x-dev	Documentation	1	8 months 5 days		8 months 5 days
Add utility methods for adding CSP information	Needs review	Normal	Feature request	8.x-1.x-dev	Code	4	2 years 4 months		2 years 5 months

Subscribe with RSS

Issues for Content-Security-Policy

News items

Our community

Documentation

Drupal code base

Governance of community