stable
Clone or download
Read-only
This directive should not change something in this context for modern browsers as they already blocks everything. Adding it it's mainly a defense in depth for old and unsupported browsers such as IE that do not support other directives. To test the nginx configuration must be redeployed but nothing is expected to change expect that the sandbox attribute is added when the default CSP header is sent (for example for the static assets). Part of request #17967: Deploy a useful content security policy Change-Id: I2967eb735d65f3ce497d7dea2f942745b005f150
Modified Files
Name | ||||
---|---|---|---|---|
M | src/etc/nginx/tuleap-managed-global-settings.conf | +1 | −1 | Go to diff View file |