New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a test for Content Security Policy headers #654
Comments
I believe this fits in the CONF chapter, and bypasses can link to it in the CLNT chapter. Would love to add this in! Are you interested to propose a plan for this addition? |
I wont be able to work on this before the end of the year. If nothing has been done by then, I'll be happy to contribute. |
Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors. |
I've finished the document, I'll be posting a pull request soon. |
Oopsie! I did a PR #708 earlier on this. |
Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors. |
Please comment if you are still working on this issue, as it has been inactive for 30 days. To give everyone a chance to contribute, we are releasing it to new contributors. |
Please comment if you are still working on this issue, as it has been inactive for 90 days. To give everyone a chance to contribute, we are releasing it to new contributors. |
Please comment if you are still working on this issue, as it has been inactive for 90 days. To give everyone a chance to contribute, we are releasing it to new contributors. |
I haven't found any test that includes looking at the Content Security Headers.
I would expect this to be included either in
02-Configuration_and_Deployment_Management_Testing
or in11-Client-side_Testing
where it is closely related to02-Testing_for_JavaScript_Execution.md
Typically, we should check for unsafe-eval and other potentially dangerous settings.
The text was updated successfully, but these errors were encountered: