(Superseded) Experimenting with a 'strict-dynamic' Content Security Policy (CSP)

kelv · July 16, 2024, 4:10am

As the strict-dynamic CSP is non-optional from Discourse v3.3.0.beta3 onwards, we’ve updated Mitigate XSS Attacks with Content Security Policy and this topic will be closed.

Topic		Replies	Views
Content-Security-Policy now uses 'strict-dynamic' Announcements	13	1142	September 2, 2024
Mitigate XSS Attacks with Content Security Policy Site Management how-to , content-security-policy	32	23439	June 13, 2023
Discourse 2.2.0.beta9 Release Notes Announcements release-notes	1	2952	January 21, 2019
Discourse 2.2.0.beta6 Release Notes Announcements release-notes	1	3405	December 14, 2018
How to relax Content Security Policy Dev	5	2230	November 11, 2022