-
Notifications
You must be signed in to change notification settings - Fork 78
Issues: w3c/webappsec-csp
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
How to prevent an iframe with srcdoc and defined csp from inheriting the parent page's CSP policies
#700
opened Dec 7, 2024 by
JuanRojasC
EnsureCSPDoesNotBlockStringCompilation: calling "Get Trusted Type compliant string"
#698
opened Dec 4, 2024 by
fred-wang
Consider recommending the usage of events instead of CSP reports for CSP WPTs
#690
opened Nov 19, 2024 by
mbrodesser-Igalia
Feedback request on not capturing the caller in
new Function
and indirect eval
#679
opened Sep 4, 2024 by
nicolo-ribaudo
Should font-src reporting kick in on font-face reference or font request?
#677
opened Aug 22, 2024 by
robinwhittleton
Consider using SecurityPolicyViolationEvent.sourceFile a USVString
#674
opened Jul 31, 2024 by
emilio
Add new CSP sandbox directive to allow SameSite=None cookies on top-level frames
#664
opened May 24, 2024 by
DCtheTall
frame-src is not effective in restricting the possible origins of subframes
#662
opened May 21, 2024 by
antosart
"Is element nonceable" not applied to non-<script> elements in Chrome?
#643
opened Feb 12, 2024 by
evilpie
Previous Next
ProTip!
no:milestone will show everything without a milestone.