Maniphest T3049

Prohibit unsafe-inline using CSP in sealious-playground
Open, NormalPublic3 Points
Actions

Assigned To

None

Authored By

	kuba-orlik
	Tue, Jul 29, 17:18

Tags

Referenced Files

None

Subscribers

Description

Add a CSP header for all responses that prohibits using inline JS

Migrate all code in Sealious Playground to either use stimulus controllers for their attached JS. When it's necessary to use inline JS, use the solution from the subtask of this task

If you encounter any code outside of Sealious Playground that needs migrating to not use inline code, please flag it and we'll create a separate task for that

Related Objects
Search...

		Status	Assigned	Task
		Open	None	T3049 Prohibit unsafe-inline using CSP in sealious-playground
		Open	None	T3050 Stimulus controller to attach custom signed inline code

Event Timeline

kuba-orlik created this task.Tue, Jul 29, 17:18

Herald added a project: Kanban. · View Herald TranscriptTue, Jul 29, 17:18

kuba-orlik updated the task description. (Show Details)Tue, Jul 29, 17:30

kuba-orlik edited projects, added Paid; removed Kanban.Wed, Aug 6, 16:39

jenkins-user moved this task from Freezer (don't take those tasks just yet) to Blocked on the Kanban board.Wed, Aug 6, 16:39

jenkins-user added a project: Kanban.