Skip to content
This repository has been archived by the owner on Nov 6, 2020. It is now read-only.

Dapps server should return ContentSecurityPolicy headers #4315

Closed
tomusdrw opened this issue Jan 26, 2017 · 2 comments · Fixed by #5790
Closed

Dapps server should return ContentSecurityPolicy headers #4315

tomusdrw opened this issue Jan 26, 2017 · 2 comments · Fixed by #5790
Labels
F1-security 🛡 The client fails to follow expected, security-sensitive, behaviour. M4-core ⛓ Core client code / Rust.
Milestone
1.8

Comments

@tomusdrw
Copy link
Collaborator

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
@tomusdrw tomusdrw added F1-security 🛡 The client fails to follow expected, security-sensitive, behaviour. M4-core ⛓ Core client code / Rust. labels Jan 26, 2017
@tomusdrw tomusdrw added this to the 1.6 milestone Jan 26, 2017
@5chdn
Copy link
Contributor

5chdn commented May 9, 2017

This issue is labelled with security: The client fails to follow expected, security-sensitive, behavior. It is inactive for 4 months and not assigned to any developer. It is however, scheduled for the 1.7 release.

Please, comment within 7 days if this deadline is realistic, and assign a developer to the task or close the ticket if the issue is fixed or stale.

@tomusdrw
Copy link
Collaborator Author

It's still relevant, but not critical. Can be addressed after #5580 is merged.

@tomusdrw tomusdrw mentioned this issue Jun 7, 2017
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
F1-security 🛡 The client fails to follow expected, security-sensitive, behaviour. M4-core ⛓ Core client code / Rust.
Projects
None yet
Milestone
1.8
Development

Successfully merging a pull request may close this issue.

Content Security Policy openethereum/parity-ethereum
2 participants
@tomusdrw @5chdn