dunkirk.sh / thistle
đŸĒģ distributed transcription service thistle.dunkirk.sh
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat: add Content Security Policy headers #2

open opened by dunkirk.sh

Medium Priority#

Location: HTML pages in src/pages/

Issue#

Missing CSP headers

Impact#

Reduced XSS protection

Fix Time#

~1 hour

Recommendation#

Add CSP headers to all HTML responses, start with restrictive policy

From LAUNCH_REVIEW.md Issue #13

sign up or login to add to the discussion
Labels

None yet.

assignee

None yet.

Participants 1
AT URI
at://did:plc:krxbvxvis5skq7jj6eot23ul/sh.tangled.repo.issue/3m6d4djlfoj2o