[wp-trac] [WordPress Trac] #53902: Automating the creation of inline javascript and inline stylesheet nonces or hashes
WordPress Trac
noreply at wordpress.org
Mon Aug 9 14:59:30 UTC 2021
#53902: Automating the creation of inline javascript and inline stylesheet nonces
or hashes
--------------------------------+------------------------------
Reporter: Josiah S. Carberry | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: trunk
Severity: normal | Resolution:
Keywords: | Focuses: javascript
--------------------------------+------------------------------
Changes (by swissspidy):
* focuses: => javascript
* component: General => Security
Comment:
Have you seen https://make.wordpress.org/core/2021/02/23/introducing-
script-attributes-related-functions-in-wordpress-5-7/?
That post explains the multi-step plan to bring wp-admin to strict CSP
mode, with the first part being achieved in #39941. The next step is
#51407.
Eventually, all inline scripts in core will be added with the
`wp_print_script_tag()` function and get a nonce through that function.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53902#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list