As the strict-dynamic CSP is non-optional from Discourse v3.3.0.beta3 onwards, we’ve updated Mitigate XSS Attacks with Content Security Policy and this topic will be closed.
2 likes
As the strict-dynamic CSP is non-optional from Discourse v3.3.0.beta3 onwards, we’ve updated Mitigate XSS Attacks with Content Security Policy and this topic will be closed.