Details
-
Type:
Improvement
-
Status: Closed
-
Priority:
Major
-
Resolution: Won't Fix
-
Affects Version/s: None
-
Fix Version/s: EE-4.3.0.GA_P04, EE-3.3.0.GA_P10
-
Component/s: Framework
-
Labels:None
-
Environment:ICEfaces EE
-
Support Case References:
-
Affects:Compatibility/Configuration
Description
We have a customer who is trying to implement a Content-Security-Policy (CSP) Level 2 for their ICEfaces applications.
We should research the requirements for this and document what resources ICEfaces itself requires to be included as a first step, with potentially including a Level 2 CSP filter in future ICEfaces releases if that is appropriate and feasible.
We should research the requirements for this and document what resources ICEfaces itself requires to be included as a first step, with potentially including a Level 2 CSP filter in future ICEfaces releases if that is appropriate and feasible.
Activity
- All
- Comments
- History
- Activity
- Remote Attachments
- Subversion
| Field | Original Value | New Value |
|---|---|---|
| Assignee | Mircea Toma [ mircea.toma ] | |
| Fix Version/s | EE-4.3.0.GA_P04 [ 13876 ] | |
| Fix Version/s | EE-3.3.0.GA_P10 [ 13877 ] | |
| Environment | web | ICEfaces EE |
| Description | Look into implementing a level 2 Content-Security-Policy, to prevent cross site scripting. |
We have a customer who is trying to implement a Content-Security-Policy (CSP) Level 2 for their ICEfaces applications.
We should research the requirements for this and document what resources ICEfaces itself requires to be included as a first step, with potentially including a Level 2 CSP filter in future ICEfaces releases if that is appropriate and feasible. |
| Affects | Compatibility/Configuration [ 10002 ] | |
| Support Case References | https://icesoft.my.salesforce.com/5004u00002e33ST?srPos=0&srKp=500 | |
| Component/s | Framework [ 10013 ] |
| Status | Open [ 1 ] | Closed [ 6 ] |
| Resolution | Won't Fix [ 2 ] |