You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
navigate-to looks useful to implement RE the 'to' header during login. login page should only go to /auth, ever.
style-src, script-src, prefetch-src, manifest-src, img-src, media-src sound interesting. We may be able to just set default-src and be done with it though. I have done so.
What is more important is the reporting URL. We probably need a dashboard of some kind, or to log it so that we can fail2ban em.
The text was updated successfully, but these errors were encountered:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
navigate-to looks useful to implement RE the 'to' header during login. login page should only go to /auth, ever.
style-src, script-src, prefetch-src, manifest-src, img-src, media-src sound interesting. We may be able to just set default-src and be done with it though. I have done so.
What is more important is the reporting URL. We probably need a dashboard of some kind, or to log it so that we can fail2ban em.
The text was updated successfully, but these errors were encountered: