Uploaded image for project: 'Spring Security'
  1. Spring Security
  2. SEC-2117

Add Support for the Content-Security-Policy[-Report-Only] Header

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.1.0 M1
    • Component/s: Web
    • Labels:
      None

      Description

      For more information http://www.w3.org/TR/CSP/.

        Activity

        Hide
        rwinch Rob Winch added a comment -

        We may revisit this at some point to provide first class support, but for now the StaticHeadersWriter is a reasonable approach

        Show
        rwinch Rob Winch added a comment - We may revisit this at some point to provide first class support, but for now the StaticHeadersWriter is a reasonable approach
        Hide
        issuemaster Spring Issuemaster added a comment -
        Show
        issuemaster Spring Issuemaster added a comment - This issue has been migrated to https://github.com/spring-projects/spring-security/issues/2342

          People

          • Assignee:
            rwinch Rob Winch
            Reporter:
            mdeinum Marten Deinum
          • Votes:
            4 Vote for this issue
            Watchers:
            10 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development