Skip to content

Add Content Security Policy headers to all jQuery content sites #54

New issue
New issue
Closed
#71
#57
Closed
Add Content Security Policy headers to all jQuery content sites#54
#71
#57
Assignees
timmywil
Labels
Service: BlogsWordPress blogs.Service: Doc sitesWordPress doc sites.Service: MiscwebStatic sites and redirects.security
@timmywil

Description

@timmywil
timmywil
opened on Jul 4, 2024

Proposed header value

"default-src 'self'; script-src 'self' code.jquery.com; connect-src 'self'; img-src 'self'; style-src 'self';"

This should be tested with a report header first

  • Set up an endpoint that can accept security reports

Metadata

Metadata

Assignees

Labels

Service: BlogsWordPress blogs.Service: Doc sitesWordPress doc sites.Service: MiscwebStatic sites and redirects.security

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions