XMLWordPrintable

Details

    • Task
    • Resolution: Outdated
    • Neutral
    • None
    • None
    • None
    • None

    Description

      As seen in SRE-800, the default CSP header value coming from magnolia-now-configuration is not working well with the demo.

      Despite a few attempts on SRE side, it wasn't straightforward to find an updated value that would do the job:

      1. there are many scripts/fonts/resources being loaded
      2. SREs don't know this project thorougly

      It would be better for security that somebody goes through the whole demo site to either determine which CSP headers need to be allowed, or bundle resources in the project itself.

      Checklists

        Acceptance criteria

        Attachments

          Activity

            People

              Unassigned Unassigned
              mmichel Maxime Michel
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Checklists

                  Task DoR