SEC-2117: Add Support for the Content-Security-Policy[-Report-Only] Header #2342

Closed
spring-issuemaster opened this Issue Jan 7, 2013 · 1 comment

Comments

Projects
None yet
3 participants

Marten Deinum (Migrated from SEC-2117) said:

For more information http://www.w3.org/TR/CSP/.

Rob Winch said:

We may revisit this at some point to provide first class support, but for now the StaticHeadersWriter is a reasonable approach

spring-issuemaster added this to the 4.1.0 M1 milestone Feb 5, 2016

@rwinch rwinch assigned jgrandja and unassigned rwinch Mar 14, 2016

@jgrandja jgrandja added a commit to jgrandja/spring-security that referenced this issue Mar 22, 2016

@jgrandja jgrandja Adds support for Content Security Policy.
Fixes gh-2342
3cef8e1

@jgrandja jgrandja added a commit to jgrandja/spring-security that referenced this issue Mar 22, 2016

@jgrandja jgrandja Adds support for Content Security Policy.
Fixes gh-2342
668154e

rwinch closed this in 2f7f2ff Mar 23, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment