Does the repository implement a strict enough Content Security Policy? #4326
JacobHomanics
started this conversation in
Bluesky Client App
Replies: 1 comment
It is indeed a TODO, and the time to get it done is perhaps now - I'm looking into it. Note that CSP is a hardening measure and its absence is not itself a vulnerability.
-
Hello!
Basically the title.
I see this function here which seems to be a basic configuration for it. However, I see that configuring a CSP is in the TODO.
https://github.com/bluesky-social/social-app/blob/2077699a074eff62c4f2971e247e91e817557fa9/bskyweb/cmd/bskyweb/server.go#L136-L144