ofbiz-plugins icon indicating copy to clipboard operation
ofbiz-plugins copied to clipboard

Published 20 hours ago verified publisher icon apache

a plugin to log csp errors reported by the browsers.

Open alexbodn opened this issue 4 years ago • 3 comments

it complements the report-only csp header, and a patch will be submited to the framework to point to this url. this code should rather be implemented in the framework, since the csp header is set there, and the browser complaints about missing report-url.

Improved: Implemented: Documented: Completed: Reverted: Fixed: (OFBIZ-)

Explanation

Thanks:

alexbodn avatar Jun 18 '20 09:06 alexbodn

Hi Alex,

This looks promising even if I don't like the idea of put in "unsafe-inline".

BTW please follow our commit comment conventions when creating PRs, TIA

JacquesLeRoux avatar Jun 18 '20 15:06 JacquesLeRoux

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities (and Security Hotspot 0 Security Hotspots to review)
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

sonarqubecloud[bot] avatar Jun 19 '20 05:06 sonarqubecloud[bot]

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities (and Security Hotspot 0 Security Hotspots to review)
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

sonarqubecloud[bot] avatar Sep 20 '20 17:09 sonarqubecloud[bot]