[wp-trac] [WordPress Trac] #10237: Implement Content Security Policy to prevent XSS
WordPress Trac
noreply at wordpress.org
Thu Dec 3 16:41:11 UTC 2015
#10237: Implement Content Security Policy to prevent XSS
-------------------------------+-----------------------------
Reporter: Denis-de-Bernardy | Owner:
Type: feature request | Status: assigned
Priority: normal | Milestone: Future Release
Component: Security | Version: 2.8
Severity: normal | Resolution:
Keywords: needs-patch | Focuses:
-------------------------------+-----------------------------
Comment (by chriscct7):
Relevant HTTP headers:
- Content-Security-Policy : Defined by W3C Specs as standard header, used
by Chrome version 25 and later, Firefox version 23 and later, Opera
version 19 and later.
- X-Content-Security-Policy : Used by Firefox until version 23, and
Internet Explorer version 10 (which partially implements Content Security
Policy).
- X-WebKit-CSP : Used by Chrome until version 25
--
Ticket URL: <https://core.trac.wordpress.org/ticket/10237#comment:26>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list