XSS defense: Content-Security-Policy & Permissions-Policy / Feature-Policy #865
Labels
feature request
Requested by community. Decide on roadmap
Comments
fbacall
added a commit
that referenced
this issue
Feb 13, 2024
2 tasks
harshita3199
pushed a commit
to SciLifeLab-TrainingHub-Platform/TeSS
that referenced
this issue
Jun 11, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe
Given that there is a lot of user-generated and scraped content, it may be prudent to limit accessible content and browser features.
We get a relatively low grade at https://securityheaders.com/?q=https%3A%2F%2Ftess.elixir-europe.org&followRedirects=on
Describe the solution you'd like
Implement a Content-Security-Policy and perhaps also a Feature-Policy
The text was updated successfully, but these errors were encountered: