[wp-trac] [WordPress Trac] #39941: Allow using Content-Security-Policy without unsafe-inline
WordPress Trac
noreply at wordpress.org
Wed Feb 22 15:18:51 UTC 2017
#39941: Allow using Content-Security-Policy without unsafe-inline
-------------------------------+------------------------------
Reporter: tomdxw | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: trunk
Severity: normal | Resolution:
Keywords: reporter-feedback | Focuses:
-------------------------------+------------------------------
Changes (by johnbillion):
* keywords: => reporter-feedback
Comment:
Thanks for the patch, Tom.
The resulting output of `inline_js()` still includes inline `<script> ...
</script>` tags. Can you let us know how this allows a CSP without
`unsafe-inline` to be implemented?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39941#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list