https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
--- Comment #10 from Christian Kujau ---
Firefox & Chrome both have CSP enabled now. A single page load (6k article)
gives multiple errors, here's how Chrome articulates this:
--- times reported, per page
|
v
6 Refused to apply inl
https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
--- Comment #9 from Christian Kujau 2012-06-21 08:53:34
UTC ---
Another CSP warning, MW 1.19.1, Firefox 13.0:
---
Timestamp: 6/21/12 01:37:49
Warning: CSP: Directive "inline script base restriction" violated
Source File: https://foo.e
https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
--- Comment #8 from Daniel Friesen
2012-03-12 03:43:29 UTC ---
For those interested in CSP I put together a starting CSP branch:
https://github.com/dantman/mediawiki-core/compare/master...csp
It uses a proper api. It's got the starting for wh
https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
--- Comment #7 from Christian Kujau 2011-12-15 23:26:44
UTC ---
FWIW, I took the setting from the (out-of-date)
https://people.mozilla.com/~bsterne/content-security-policy/details.html#examples,
where it was described as "Site wants all conten
https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
--- Comment #6 from Bawolff 2011-12-15 18:46:01 UTC ---
Apparently you'd need to use a header like:
X-Content-Security-Policy: allow 'self'; img-src 'self' data:
to allow data urls. But we also have inline js in vector skin that from my
under
https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
Daniel Friesen changed:
What|Removed |Added
CC||mediawiki-bugs@nadir-seen-f
https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
Christian Kujau changed:
What|Removed |Added
CC||li...@nerdbynature.de
--- Comment #4
https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
Hendrik Brummermann changed:
What|Removed |Added
CC||nhb_...@nexgo.de
--- Comment #3
https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
Mark A. Hershberger changed:
What|Removed |Added
CC||m...@everybody.org,
https://bugzilla.wikimedia.org/show_bug.cgi?id=26508
Bawolff changed:
What|Removed |Added
CC||bawolff...@gmail.com
--- Comment #1 from Baw
10 matches
Mail list logo