[wp-trac] [WordPress Trac] #39941: Allow using Content-Security-Policy without unsafe-inline

WordPress Trac noreply at wordpress.org
Wed Feb 22 15:21:52 UTC 2017


#39941: Allow using Content-Security-Policy without unsafe-inline
-------------------------------+------------------------------
 Reporter:  tomdxw             |       Owner:
     Type:  enhancement        |      Status:  new
 Priority:  normal             |   Milestone:  Awaiting Review
Component:  Security           |     Version:  trunk
 Severity:  normal             |  Resolution:
 Keywords:  reporter-feedback  |     Focuses:
-------------------------------+------------------------------

Comment (by johnbillion):

 Ah sorry, I didn't click through to your plugin. The nonce attribute
 approach is interesting. Is this widely supported by browser? Can the same
 nonce be re-used for all script tags?

--
Ticket URL: <https://core.trac.wordpress.org/ticket/39941#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list