[wp-trac] [WordPress Trac] #51407: Remove inline event handlers and JavaScript URIs for Strict CSP-compatibility
WordPress Trac
noreply at wordpress.org
Thu Oct 15 15:34:10 UTC 2020
#51407: Remove inline event handlers and JavaScript URIs for Strict CSP-
compatibility
-------------------------------------------------+-------------------------
Reporter: enricocarraro | Owner:
| adamsilverstein
Type: enhancement | Status: assigned
Priority: normal | Milestone: Awaiting
| Review
Component: Security | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch 2nd-opinion has-unit- | Focuses: javascript
tests |
-------------------------------------------------+-------------------------
Comment (by enricocarraro):
@whyisjake Do you know anybody that could help in the review process? I
would appreciate some more eyes on it since there isn't much time until
the 5.6 beta phase.
I would also like to stress how important strict CSP would be in
protecting WordPress users.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/51407#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list