https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20397
David Cook <dc...@prosentient.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |In Discussion
--- Comment #20 from David Cook <dc...@prosentient.com.au> ---
I'm not putting this to "Needs Signoff" yet, as I'd like to get some more
feedback first.
Here are a few thoughts of my own:
1. I think we need to add an API endpoint for CSP violation reports, although
I'm not sure how we want to handle those. Would we send an email to sysadmins?
Just put it in the web server logs?
2. Need to double-check the font-src directive since I think people do use web
fonts from other sources...
3. For HTTPS sites, I think we could add a "https:" expression too.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
