Uploaded image for project: 'Wicket'
  1. Wicket
  2. WICKET-5406

Better Content Security Policy Support

    XMLWordPrintableJSON

Details

    Description

      A better support of the Content Security Policy (http://en.wikipedia.org/wiki/Content_Security_Policy) would protect against cross-site scripting attacks and improve the security image of wicket.
      The main problem at the moment is the heavily used inline javascript code which interferes with the whitelisting mechanism of script sources in the CSP and should be avoided .

      Attachments

        Issue Links

          Activity

            People

              papegaaij Emond Papegaaij
              Magro28 Mario Groß
              Votes:
              4 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: