Add Content-Security Policy #24

New issue

Open

opened 2025-04-21 14:19:01 +02:00 by rafael · 0 comments

rafael commented 2025-04-21 14:19:01 +02:00

Collaborator

Copy link

Some more information on this:

• https://danschultzer.com/posts/content-security-policy-with-liveview

• https://furlough.merecomplexities.com/elixir/phoenix/security/2021/02/26/content-security-policy-configuration-in-phoenix.html

• https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP

• Make sure our CSP works with liveview websockets

• Remove "Config.CSP" from the ignore array in .sobelow-config

Some more information on this: - https://danschultzer.com/posts/content-security-policy-with-liveview - https://furlough.merecomplexities.com/elixir/phoenix/security/2021/02/26/content-security-policy-configuration-in-phoenix.html - https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP - [ ] Make sure our CSP works with liveview websockets - [ ] Remove `"Config.CSP"` from the `ignore` array in `.sobelow-config`

rafael referenced this issue 2025-04-21 14:19:54 +02:00

Add basic CI setup #23

rafael added this to the Sprint 2 - 07.05. - 28.05 project 2025-05-07 15:01:00 +02:00

moritz modified the project from Sprint 2 - 07.05. - 28.05 to Sprint 3 - 28.05 - 09.07 2025-05-28 16:47:02 +02:00

carla modified the project from Sprint 3 - 28.05 - 09.07 to Sprint 4 - 09.07 - 30.07 2025-07-09 16:46:48 +02:00

carla modified the project from Sprint 4 - 09.07 - 30.07 to Sprint 5 - 31.07. - 11.09. 2025-07-31 14:04:51 +02:00

rafael removed this from the Sprint 5 - 31.07. - 11.09. project 2025-08-21 13:28:35 +02:00

simon added this to the We implement security measures milestone 2025-10-02 12:50:08 +02:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

renovate/mix-dependencies

renovate/renovate-renovate-42.x

perform-migration-on-startup

feature/196_search_custom_fields

feature/220_ui_issues_2

sidebar

renovate/major-postgres

feature/223_member_checkbox

renovate/major-mix-dependencies

renovate/postgres

renovate/ghcr.io-sebadob-rauthy-0.x

persist-sort-order

docs/210_payment-concept

feature/151_roles_permissions_docs

manual_renovate_update

feature/#158-polish-README

feature/128_playwright_a11y_test

feature/119_member_user_relation_refactor

feature/119_user_as_member

feature/backpex-migration

feature/backpex_translation

feature/39_account_ressource

feature/74_memberfields

validation

feature/36_add_primerlive

No results found.

Labels

Clear labels   

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

high priority

  

invalid

Something is wrong

  

L

5 h

  

low priority

  

M

3 h

  

medium priority

  

needs refinement

  

question

More information is needed

  

S

1 h

  

UX research

  

wontfix

This won't be fixed

No labels

bug

duplicate

enhancement

help wanted

high priority

invalid

L

low priority

M

medium priority

needs refinement

question

S

UX research

wontfix

Milestone

Clear milestone

No items

No milestone

We implement security measures

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: local-it/mitgliederverwaltung#24

No description provided.