[wp-trac] [WordPress Trac] #39941: Allow using Content-Security-Policy without unsafe-inline
WordPress Trac
noreply at wordpress.org
Wed Oct 22 22:32:14 UTC 2025
#39941: Allow using Content-Security-Policy without unsafe-inline
-------------------------------------------------+-------------------------
Reporter: tomdxw | Owner:
| adamsilverstein
Type: enhancement | Status: closed
Priority: normal | Milestone: 5.7
Component: Security | Version: 4.8
Severity: normal | Resolution: fixed
Keywords: has-patch has-unit-tests commit | Focuses: javascript
has-dev-note |
-------------------------------------------------+-------------------------
Comment (by westonruter):
In [changeset:"61052" 61052]:
{{{
#!CommitTicketReference repository="" revision="61052"
Script Loader: Fix logic inversion with `$html5_script_support` in
`wp_sanitize_script_attributes()`.
The value was actually whether HTML5 was ''not'' supported.
Follow-up to [50167].
Props jamieburchell, sabernhardt.
See #39941.
Fixes #64128.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39941#comment:128>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list