forked-synapse/synapse/rest/media
Denis Kasak 2476d5373c
Mitigate media repo XSSs on IE11. (#10468)
IE11 doesn't support Content-Security-Policy but it has support for
a non-standard X-Content-Security-Policy header, which only supports the
sandbox directive. This prevents script execution, so it at least offers
some protection against media repo-based attacks.

Signed-off-by: Denis Kasak <dkasak@termina.org.uk>
2021-07-27 13:45:10 +02:00
..
v1 Mitigate media repo XSSs on IE11. (#10468) 2021-07-27 13:45:10 +02:00
__init__.py Move rest APIs back under the rest directory 2015-01-22 16:10:07 +00:00