[wp-trac] [WordPress Trac] #39941: Allow using Content-Security-Policy without unsafe-inline

WordPress Trac noreply at wordpress.org
Sun Aug 6 12:55:04 UTC 2017


#39941: Allow using Content-Security-Policy without unsafe-inline
-------------------------+------------------------------
 Reporter:  tomdxw       |       Owner:
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  Security     |     Version:  4.8
 Severity:  normal       |  Resolution:
 Keywords:               |     Focuses:  javascript
-------------------------+------------------------------

Comment (by knutsp):

 +1

 Hard to secure a site using CSP with inline scripts and without a nonce on
 them.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/39941#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list