Details
Details
- Reviewers
- None
- Maniphest Tasks
- T4340: Implement Content-Security-Policy and Strict-Transport-Security headers
- Commits
- rPa5efd7eedb3c: Add "object-src 'none'" to the Content-Security-Policy
Added a <object ... /> tag to a page, saw "Blocked Plug-In" and a CSP warning in the browser console.
Diff Detail
Diff Detail
- Repository
- rP Phabricator
- Branch
- csp2
- Lint
Lint Passed - Unit
Tests Passed - Build Status
Buildable 19696 Build 26674: Run Core Tests Build 26673: arc lint + arc unit