Hi all,
I applied a strict content security policy to my application
using wicket after I tested my application using Kali Linux to check for
vulnerabilities. The tool provides the report with an info message "Nonces
should only use the base64 charset" regarding the info message needed t
Hi,
https://github.com/apache/wicket/blob/e9461b0d115a7dbf4992596823521f6e038817d9/wicket-core/src/main/java/org/apache/wicket/core/random/ISecureRandomSupplier.java#L60
This is the relevant code. It looks OK to me.
Attachments are not allowed in the mailing list. Could you please
copy/paste a no
Hi all,
Thanks for your quick reply. This is the info message get from Kali
Linux
DirectiveValue
script-src 'nonce-QmsK_uBjkJ84B3bGJIX'
style-src 'nonce-QmsK_uBjkJ84B3bGJIX'
Could you please open a ticket in JIRA with this information ?
Thanks!
On Thu, Jan 4, 2024 at 9:46 AM sundar saba
wrote:
> Hi all,
> Thanks for your quick reply. This is the info message get from
> Kali Linux
>
> DirectiveValue
> script-src 'nonce-QmsK_uBjkJ84B3bGJIX'
>