https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20397
David Cook <dc...@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |In Discussion --- Comment #20 from David Cook <dc...@prosentient.com.au> --- I'm not putting this to "Needs Signoff" yet, as I'd like to get some more feedback first. Here are a few thoughts of my own: 1. I think we need to add an API endpoint for CSP violation reports, although I'm not sure how we want to handle those. Would we send an email to sysadmins? Just put it in the web server logs? 2. Need to double-check the font-src directive since I think people do use web fonts from other sources... 3. For HTTPS sites, I think we could add a "https:" expression too. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/