Skip to content
This repository has been archived by the owner on Jan 17, 2023. It is now read-only.

Add object-src 'none' to CSP to disable plugins #2423

Closed
g-k opened this issue Mar 20, 2017 · 0 comments
Closed

Add object-src 'none' to CSP to disable plugins #2423

g-k opened this issue Mar 20, 2017 · 0 comments
Labels
security Security issue: can be an active issue, or related to security hygene
Milestone
General Release 55

Comments

@g-k
Copy link
Contributor

g-k commented Mar 20, 2017
edited
Loading

like flash or specifically whitelist any plugins we need.

Per https://wiki.mozilla.org/Security/Guidelines/Web_Security#Content_Security_Policy
@jvehent jvehent added the security Security issue: can be an active issue, or related to security hygene label Mar 20, 2017
@ckprice ckprice added this to the Screenshots in 54 milestone Mar 20, 2017
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Assignees
No one assigned
Labels
security Security issue: can be an active issue, or related to security hygene
Projects
None yet
Milestone
General Release 55
Development

No branches or pull requests
4 participants
@dannycoates @g-k @jvehent @ckprice