#5813 - Potentially risky wildcard default-src CSP set on several pages – Composr CMS: Your Data, Your Privacy, Your Control

This is a spacer post for a website comment topic. The content this topic relates to: #5813 - Potentially risky wildcard default-src CSP set on several pages

By Guest posted 26th Jul 2024, 9:18 PM

Automated message: This issue was created using the Report Issue Wizard on the Composr homesite.

By Guest posted 26th Jul 2024, 9:22 PM

Possible this may be because of "Permit no JavaScript nonce for injected scripts", which honestly should be disabled by default IMO and users instructed to enable it only if they must for third-party libraries that need it.

By Guest posted 26th Jul 2024, 9:29 PM

This seems to be happening on a lot of the add and edit screens. Other screens have the proper headers.

By Guest posted 4th Sep 2024, 5:49 PM

This was mainly a WYSIWYG issue, fixed in 11 beta2, but I still see it on some other screens. Leaving the issue open for now.

PDStig	Points: 130 Voting power: 27.300 Voting power control percentage: 0.385%
Gabri	Points: 70 Voting power: 15.974 Voting power control percentage: 0.225%
sholzy	Points: 50 Voting power: 12.124 Voting power control percentage: 0.171%

#5813 - Potentially risky wildcard default-src CSP set on several pages

Leader-board Top Weekly Earners

Coming soon…

Statistics