Matrix-Mirrors/synapse-product
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse-product.git synced 2024-10-01 08:25:44 -04:00
Code Issues Packages Projects Releases Wiki Activity
5b22d5ee03
synapse-product/changelog.d/10468.misc
Denis Kasak 2476d5373c
Mitigate media repo XSSs on IE11. (#10468) 
IE11 doesn't support Content-Security-Policy but it has support for
a non-standard X-Content-Security-Policy header, which only supports the
sandbox directive. This prevents script execution, so it at least offers
some protection against media repo-based attacks.

Signed-off-by: Denis Kasak <dkasak@termina.org.uk>
2021-07-27 13:45:10 +02:00

2 lines
95 B
Plaintext
Raw Blame History

Mitigate media repo XSS attacks on IE11 via the non-standard X-Content-Security-Policy header.
Reference in New Issue View Git Blame Copy Permalink