Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / humanmade/altis-browser-security issues and pull requests
#28 - Use of 'template_redirect' instead of 'send_headers' for setting headers
Issue -
State: open - Opened by huubl 7 months ago
#27 - Send HSTS on all pages
Pull Request -
State: closed - Opened by rmccue 8 months ago
#26 - HSTS headers aren't sent on REST API, login, and admin pages
Issue -
State: closed - Opened by rmccue 8 months ago
#25 - Add filter rest_allowed_cors_origin
Pull Request -
State: closed - Opened by jerico over 1 year ago
- 1 comment
#24 - Compatibility: integrity hashes not generated using Bedrock
Issue -
State: open - Opened by huubl over 1 year ago
#23 - Fix string replacement for sub resource integrity attribute
Pull Request -
State: closed - Opened by roborourke over 1 year ago
#22 - Integrity attribute is not added to script tag when html5 support for `script` or `style` enabled
Issue -
State: closed - Opened by roborourke over 1 year ago
Labels: bug
#21 - [Backport v1.2-branch] Correct header name for HSTS
Pull Request -
State: closed - Opened by hm-backport[bot] over 1 year ago
#20 - Correct header name for HSTS
Pull Request -
State: closed - Opened by rmccue almost 2 years ago
- 1 comment
Labels: backport v1.2-branch
#19 - Support restricting CORS Origins
Issue -
State: closed - Opened by rmccue almost 2 years ago
- 14 comments
Labels: must have
#18 - Enable HSTS by default
Pull Request -
State: closed - Opened by rmccue over 2 years ago
- 3 comments
#17 - Add ability to set HSTS header
Pull Request -
State: closed - Opened by rmccue over 2 years ago
- 6 comments
#16 - Static files stored in the uploads directory are not supported
Issue -
State: open - Opened by robindevitt about 3 years ago
#15 - Don't send frame blocking header for embeds
Pull Request -
State: closed - Opened by rmccue over 3 years ago
#14 - Embeds are blocked
Issue -
State: closed - Opened by rmccue over 3 years ago
#12 - Documentation: Remember to bump a script version to avoid invalid intgrity values
Issue -
State: open - Opened by igmoweb about 4 years ago
Labels: documentation
#11 - Use namespace instead of use function
Pull Request -
State: closed - Opened by mikeselander over 4 years ago
#10 - Apply needs_quotes list after filtering
Issue -
State: open - Opened by kadamwhite over 4 years ago
#9 - Documentation: Cannot add property with policy value filter
Issue -
State: open - Opened by kadamwhite over 4 years ago
#8 - Implement report only policies
Pull Request -
State: closed - Opened by kadamwhite over 4 years ago
- 8 comments
#7 - Integrity hash can be cached incorrectly at times
Issue -
State: open - Opened by rmccue over 4 years ago
#6 - Add report-only mode for CSP
Issue -
State: closed - Opened by rmccue about 5 years ago
- 6 comments
#5 - Add Content-Security-Policy framework
Pull Request -
State: closed - Opened by rmccue about 5 years ago
#4 - Add more default headers
Pull Request -
State: closed - Opened by rmccue about 5 years ago
#3 - Add constant for configuring on non-Altis installs
Pull Request -
State: closed - Opened by rmccue about 5 years ago
#2 - Add nonces for inline scripts to CSP
Issue -
State: open - Opened by roborourke about 5 years ago
- 10 comments
#1 - Add first pass at integrity hashes
Pull Request -
State: closed - Opened by rmccue about 5 years ago
- 1 comment