Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-01 01:36:00 -04:00
Code Issues Packages Projects Releases Wiki Activity
3,482 Commits 18 Branches 197 Tags 95 MiB
4d72ac16a3
Commit Graph

5 Commits

Author SHA1 Message Date
Dan Brown
856fca8289
Updated CSP with frame-src rules 
- Configurable via 'ALLOWED_IFRAME_SOURCES' .env option.
- Also updated how CSP rules are set, with a single header being used
  instead of many.
- Also applied CSP rules to HTML export outputs.
- Updated tests to cover.

For #3314
 2022-03-07 14:27:41 +00:00
Dan Brown
fb80bb5d58
Applied latest styleci changes 2021-09-06 22:19:06 +01:00
Dan Brown
492af79c27
Added a couple of additional CSP rules 
As per guidance from google's CSP evaluator.
 2021-09-04 14:34:43 +01:00
Dan Brown
253f386f00
Finished off script CSP rules 
- Added caching for custom html head parsing to add nonce.
- Also moved api docs page into web routes to prevent issues.
 2021-09-04 13:57:04 +01:00
Dan Brown
fd44e4ba74
Started application of CSP headers 2021-09-03 23:32:42 +01:00