Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.- Log in or register to create an issue
- Advanced search
| Title | Status | Priority | Category | Version | Component | Replies |
Last updated |
Assigned to | Created |
|---|---|---|---|---|---|---|---|---|---|
| Generate and cache library info on hook_rebuild | Closed (fixed) | Normal | Feature request | 2.x-dev | Code | 9 | 18 hours 3 min | 2 months 2 weeks | |
| Content-Security-Policy: The page’s settings blocked the loading of a resource at blob: (“default-src”). | Active | Normal | Support request | 8.x-1.x-dev | Code | 2 | 2 weeks 22 hours | 2 weeks 4 days | |
| Add CSP entries on a per page basis | Active | Normal | Feature request | 2.x-dev | Code | 4 | 2 weeks 22 hours | 2 weeks 6 days | |
| Automated Drupal 11 compatibility fixes for csp | Needs review | Normal | Task | 8.x-1.x-dev | Code | 2 | 2 weeks 5 days | 2 weeks 5 days | |
| Add helper for safely appending nonce/hash sources | Needs review | Normal | Feature request | 8.x-1.x-dev | Code | 6 | 2 weeks 6 days | gapple | 4 months 3 days |
| Remove X-Frame-Options Header | Active | Minor | Task | 2.x-dev | Code | 1 | 2 weeks 6 days | 2 weeks 6 days | |
| Provide a README | Needs review | Normal | Task | 8.x-1.x-dev | Code | 11 | 1 month 5 days | 1 year 2 months | |
| Implement Policy Alter event in other modules | Closed (fixed) | Normal | Plan | 8.x-1.x-dev | Code | 19 | 1 month 3 weeks | 4 years 4 months | |
| Consistent default active tab on the CSP settings form | Closed (fixed) | Normal | Task | 2.x-dev | Code | 8 | 1 month 3 weeks | 2 months 3 weeks | |
| Enable conditional/alternate directive values | Active | Normal | Feature request | 2.x-dev | Code | 3 | 2 months 1 week | 5 months 3 weeks | |
| Provides a filter to add nonce attribute to inline scripts. | Needs work | Normal | Feature request | 8.x-1.x-dev | Code | 3 | 2 months 1 week | 3 months 2 weeks | |
| Change handling 'none' with additional sources | Closed (fixed) | Normal | Feature request | 2.x-dev | Code | 8 | 2 months 3 weeks | 3 years 11 months | |
| URIports Reporting provider | Closed (outdated) | Normal | Feature request | 8.x-1.x-dev | Code | 2 | 3 months 5 days | 2 years 7 months | |
| Create script-src from script-src-attr and script-src-elem | Postponed | Normal | Feature request | 2.x-dev | Code | 5 | 3 months 5 days | 4 years 4 months | |
| Drop support for Drupal 10.0 | Postponed | Normal | Task | 2.x-dev | Code | 4 | 3 months 5 days | 4 months 1 week | |
| Use Choice config validation constraint | Postponed | Minor | Task | 2.x-dev | Code | 8 | 3 months 5 days | 8 months 3 weeks | |
| Remove supression of 'none' behaviour deprecation warning | Active | Normal | Task | 8.x-1.x-dev | Code | 3 | 3 months 5 days | 3 months 6 days | |
| Only add header to relevant responses | Needs work | Normal | Task | 2.x-dev | Code | 6 | 3 months 6 days | 5 years 5 months | |
| Copy configuration between report-only and enforced | Active | Minor | Feature request | 2.x-dev | Code | 4 | 3 months 6 days | 5 years 9 months | |
| Provide different CSP policy for private files | Active | Normal | Feature request | 2.x-dev | Code | 2 | 3 months 6 days | 3 years 8 months | |
| Improve handling of sources from libraries | Active | Normal | Plan | 2.x-dev | Code | 2 | 3 months 6 days | 5 months 4 days | |
| CSP 2.0 | Active | Normal | Plan | 2.x-dev | Code | 6 | 3 months 6 days | 5 years 4 months | |
| Deprecate Site Log reporting handler | Postponed | Normal | Task | 2.x-dev | Code | 3 | 3 months 6 days | 5 years 4 months | |
| Remove code for Firefox bug 1313937 | Postponed | Normal | Task | 2.x-dev | Code | 2 | 3 months 6 days | 3 months 3 weeks | |
| Throw deprecation warning if directive contains 'none' and other values | Closed (fixed) | Normal | Task | 8.x-1.x-dev | Code | 5 | 3 months 1 week | 4 months 2 days | |
| Preserve 'report-sample' if directive contains 'none' | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 5 | 3 months 1 week | 4 months 2 days | |
| Update csp.admin.js to ES6 | Closed (fixed) | Minor | Task | 8.x-1.x-dev | Code | 5 | 3 months 1 week | 4 months 1 week | |
| Firefox bug fix doesn't detect hashes properly | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 6 | 3 months 1 week | 3 months 3 weeks | |
| Hundreds of log entries: Uninitialized string offset: 0 | Closed (fixed) | Minor | Bug report | 8.x-1.x-dev | Code | 26 | 3 months 2 weeks | 2 years 9 months | |
| Improve default config | Active | Normal | Task | 8.x-1.x-dev | Code | 4 | 3 months 2 weeks | 9 months 3 weeks | |
| Add hook_csp_policy_alter for themes | Closed (fixed) | Normal | Feature request | 8.x-1.x-dev | Code | 11 | 3 months 2 weeks | 4 months 1 week | |
| drupalSettings.csp.nonce is missing | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 16 | 3 months 2 weeks | 4 months 1 week | |
| Support 'inline-speculation-rules' keyword | Active | Normal | Task | 8.x-1.x-dev | Code | 1 | 3 months 3 weeks | 3 months 3 weeks | |
| Add setting for pretty printing violoation reports in the log | Active | Normal | Feature request | 8.x-1.x-dev | Code | 7 | 3 months 3 weeks | 10 months 2 days | |
| Cleanup support for old versions of core | Closed (fixed) | Normal | Task | 8.x-1.x-dev | Code | 4 | 3 months 4 weeks | 4 months 2 weeks | |
| Drop support for Drupal 9 | Closed (fixed) | Minor | Plan | 8.x-1.x-dev | Code | 5 | 3 months 4 weeks | 4 months 2 weeks | |
| Cleanup use of deprecated watchdog_exception | Closed (fixed) | Minor | Task | 8.x-1.x-dev | Code | 5 | 3 months 4 weeks | 4 months 2 weeks | |
| Cleanup use of MASTER_REQUEST | Closed (fixed) | Minor | Task | 8.x-1.x-dev | Code | 5 | 3 months 4 weeks | 4 months 2 weeks | |
| CKEditor5 requires style-src 'unsafe-inline' | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 11 | 3 months 4 weeks | 7 months 2 weeks | |
| Missing style-src-attr unsafe-inline on Views edit page | Postponed (maintainer needs more info) | Normal | Bug report | 8.x-1.x-dev | Code | 2 | 4 months 1 day | 2 years 5 months | |
| Implementation of hook_help() in module file | Needs work | Normal | Task | 8.x-1.x-dev | Code | 5 | 4 months 1 day | 1 year 2 weeks | |
| Use full file path for external library sources | Needs work | Normal | Feature request | 8.x-1.x-dev | Code | 6 | 4 months 1 day | 2 years 2 months | |
| Cache CSP header for dynamic requests | Needs work | Normal | Feature request | 8.x-1.x-dev | Code | 6 | 4 months 1 day | 1 year 4 months | |
| Remove code to disable inline anti-flicker js | Closed (fixed) | Minor | Task | 8.x-1.x-dev | Code | 5 | 4 months 2 days | 4 months 2 weeks | |
| Configure Gitlab CI | Closed (fixed) | Minor | Task | 8.x-1.x-dev | Miscellaneous | 4 | 4 months 2 days | 8 months 3 weeks | |
| Error when there are installed modules with invalid library definitions | Closed (fixed) | Normal | Bug report | 8.x-1.x-dev | Code | 6 | 4 months 3 days | 4 months 2 weeks | |
| Add a reference to csp_log in documentation | Closed (fixed) | Minor | Task | 8.x-1.x-dev | Documentation | 5 | 4 months 6 days | 4 months 3 weeks | |
| CKEditor unsafe-inline should be triggered by core/ckeditor | Closed (outdated) | Normal | Bug report | 8.x-1.x-dev | Code | 3 | 4 months 2 weeks | 2 years 3 months | |
| Paragraph module content with edit mode "closed" break CKEditor | Closed (outdated) | Normal | Bug report | 8.x-1.x-dev | Code | 10 | 4 months 2 weeks | 3 years 8 months | |
| CKEditor requires script-src-elem 'unsafe-inline' | Closed (outdated) | Normal | Bug report | 8.x-1.x-dev | Code | 10 | 4 months 2 weeks | 3 years 1 month |
Pages
Subscribe with RSS 
