Opened 5 weeks ago

Closed 7 days ago

#36532 closed New feature (fixed)

Add Content Security Policy (CSP) view decorators

Reported by: Rob Hudson Owned by: Rob Hudson
Component: HTTP handling Version: dev
Severity: Normal Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

View decorators allow users to customize their CSP headers per-view. Allowing to override the base CSP settings and disable the headers should support most use cases.

Change History (6)

comment:1 by Rob Hudson, 5 weeks ago

Has patch: set

comment:2 by Natalia Bidart, 5 weeks ago

Triage Stage: UnreviewedAccepted

Thank you! This is consistent with what we discussed in the CSP original work, to allow splitting the feature in manageable chunks.

comment:3 by Natalia Bidart, 5 weeks ago

Patch needs improvement: set

comment:4 by Rob Hudson, 12 days ago

Patch needs improvement: unset

Updated to separate the decorators as requested in the PR review.

comment:5 by Natalia Bidart, 7 days ago

Triage Stage: AcceptedReady for checkin

comment:6 by nessita <124304+nessita@…>, 7 days ago

Resolution: fixed
Status: assignedclosed

In 550822bc:

Fixed #36532 -- Added Content Security Policy view decorators to override or disable policies.

Co-authored-by: Natalia <124304+nessita@…>

Note: See TracTickets for help on using tickets.
Back to Top