As the strict-dynamic
CSP is non-optional from Discourse v3.3.0.beta3
onwards, we’ve updated Mitigate XSS Attacks with Content Security Policy and this topic will be closed.
2 Likes
As the strict-dynamic
CSP is non-optional from Discourse v3.3.0.beta3
onwards, we’ve updated Mitigate XSS Attacks with Content Security Policy and this topic will be closed.