paragonie/csp-builder issues and pull requests

#79 - Deprecation Warning in PHP 8.4

Issue - State: open - Opened by BGehrels 9 months ago

#78 - add updates for PHP 8.4

Pull Request - State: open - Opened by cliffordvickrey 11 months ago

#78 - add updates for PHP 8.4

Pull Request - State: closed - Opened by cliffordvickrey 11 months ago - 1 comment

#77 - Prevent duplicated entries in policies

Pull Request - State: closed - Opened by rmpel over 1 year ago

#77 - Prevent duplicated entries in policies

Pull Request - State: closed - Opened by rmpel over 1 year ago

#76 - un-deprecate `frame-src`

Pull Request - State: closed - Opened by fritzmg over 1 year ago

#75 - Calling disableOldBrowserSupport can lead to un-expected regressions with frame-src directives

Issue - State: open - Opened by fredericgboutin-yapla almost 2 years ago

#74 - Add a CSP header parser (`CSPBuilder::fromHeader`)

Pull Request - State: closed - Opened by fritzmg about 2 years ago - 3 comments

#72 - `script-src-elem`, `script-src-attr`, `style-src-elem` and `style-src-attr` are not supported

Issue - State: closed - Opened by internalsystemerror over 2 years ago - 1 comment

#71 - Fix support for script-src-{elem|attr}, Add support for style-src-{elem|attr}

Pull Request - State: closed - Opened by internalsystemerror over 2 years ago

#70 - Add PoC of report-to header

Pull Request - State: closed - Opened by Firesphere over 2 years ago - 4 comments

#69 - Fix `plugin-types` generation

Pull Request - State: closed - Opened by fritzmg over 2 years ago

#68 - Allow 'unsafe-hashed-attributes' to be set

Pull Request - State: closed - Opened by fritzmg over 2 years ago

#67 - Ignore PHPUnit result cache

Pull Request - State: closed - Opened by fritzmg over 2 years ago

#66 - Remove trailing semicolon

Pull Request - State: closed - Opened by fritzmg over 2 years ago

#65 - Generate nonce also when only `default-src` policy is applied

Pull Request - State: closed - Opened by fritzmg over 2 years ago - 1 comment

#64 - report-uri should not be encoded at all

Pull Request - State: closed - Opened by Firesphere over 2 years ago - 1 comment

#63 - Integrate or document report-to

Issue - State: open - Opened by davidsneighbour over 2 years ago

#62 - report-uri is encoded in to unuseable string

Issue - State: closed - Opened by Firesphere over 2 years ago - 3 comments

#61 - Add 'url' type value for report-uri

Pull Request - State: closed - Opened by danieltott over 2 years ago - 2 comments

#60 - report-uri gets wrongly encoded

Issue - State: closed - Opened by cleptric over 2 years ago - 1 comment

#59 - Unsafe hashes

Pull Request - State: closed - Opened by paragonie-security almost 3 years ago

#58 - Add support for 'unsafe-hashes' policy

Issue - State: closed - Opened by LeisureLarry almost 3 years ago - 1 comment

#57 - Support manifest-src directive

Issue - State: closed - Opened by strider72 over 3 years ago - 1 comment

#56 - Export policies to JSON

Pull Request - State: closed - Opened by paragonie-security almost 4 years ago

#55 - Adds hook before save output

Pull Request - State: closed - Opened by BruceGitHub almost 4 years ago - 4 comments

#54 - Support scheme-source https: directive value

Pull Request - State: closed - Opened by tforesti over 4 years ago

#53 - Add method for retrieving value set for a directive

Issue - State: closed - Opened by bkosborne almost 5 years ago - 1 comment

#52 - Add support for script-src-elem and script-src-attr

Issue - State: closed - Opened by timmit-nl almost 5 years ago

#51 - Add setReportSample. See #46.

Pull Request - State: closed - Opened by timmit-nl almost 5 years ago

#50 - Use newer PHPUnit

Pull Request - State: closed - Opened by paragonie-security about 5 years ago

#49 - Add support for https: scheme

Issue - State: closed - Opened by MrPropre about 5 years ago - 1 comment

#48 - Add a removeDirective function to remove directives

Pull Request - State: closed - Opened by iangcarroll over 5 years ago - 1 comment

#47 - Add support for 'require-trusted-types-for' policy

Issue - State: open - Opened by MrPropre over 5 years ago - 1 comment

#46 - Add support for 'report-sample' directive

Issue - State: closed - Opened by MrPropre over 5 years ago

#45 - Unable to add "blob" value to connect-src in json file

Issue - State: closed - Opened by pradeep518 over 5 years ago - 1 comment

#44 - Add an example of report-to to the docs.

Pull Request - State: closed - Opened by iangcarroll almost 6 years ago

#43 - Add support for the sandbox attribute.

Pull Request - State: closed - Opened by iangcarroll almost 6 years ago

#42 - Break out the report-to directive from report-uri.

Pull Request - State: closed - Opened by iangcarroll about 6 years ago - 1 comment

#41 - missing self in readme example

Issue - State: open - Opened by bnomei about 6 years ago

#40 - report-to directive not handled well by Chrome 76

Issue - State: closed - Opened by iangcarroll about 6 years ago - 2 comments

#39 - Save to JSON

Issue - State: closed - Opened by Firesphere about 6 years ago - 1 comment

#38 - .htaccess support for headers

Issue - State: open - Opened by Firesphere over 6 years ago

#37 - Ability to set both "report-uri" AND "report-to"

Issue - State: closed - Opened by OwenMelbz over 6 years ago - 1 comment

#36 - Support for Feature-Policy header?

Issue - State: closed - Opened by ghost about 7 years ago - 2 comments

#35 - Overdue improvements based on reported issues

Pull Request - State: closed - Opened by paragonie-scott about 7 years ago

#34 - Update CSPBuilder.php

Pull Request - State: closed - Opened by swiffer about 7 years ago

#33 - How to add strict-dynamic ?

Issue - State: closed - Opened by strider72 over 7 years ago - 5 comments

#32 - what is the use for "type" policies param ?

Issue - State: closed - Opened by ncou over 7 years ago - 2 comments

#31 - "support older browsers" nonce fix

Issue - State: open - Opened by strider72 over 7 years ago - 5 comments

#30 - Update composer.json to use paragonie/random_compat ^2.0

Pull Request - State: closed - Opened by endelwar over 7 years ago

#29 - My browser keeps ignoring this.

Issue - State: closed - Opened by Nenglish7 over 7 years ago - 1 comment

#28 - Cleanup namespaces in examples.

Pull Request - State: closed - Opened by Nenglish7 over 7 years ago

#27 - report-uri deprecated

Issue - State: open - Opened by Nenglish7 over 7 years ago - 3 comments

#26 - Nonce means number used once, random bytes used

Issue - State: closed - Opened by frederikbosch over 7 years ago - 7 comments

#25 - Add require-sri-for directive.

Issue - State: closed - Opened by Zegnat over 7 years ago

#24 - Add worker-src

Issue - State: closed - Opened by strider72 over 7 years ago - 1 comment

#23 - Suggestion: check for duplicate addSource

Issue - State: closed - Opened by strider72 over 7 years ago - 1 comment

#22 - Fix minor edge case with "needsCompile" variable

Pull Request - State: closed - Opened by BusterNeece over 7 years ago - 1 comment

#21 - Add Nginx 'always' clause to header.

Pull Request - State: closed - Opened by alainwolf almost 8 years ago - 1 comment

#20 - Functions and classes starting with a backslash

Issue - State: closed - Opened by gszy almost 8 years ago - 2 comments

#19 - Employ PHP_CodeSniffer

Pull Request - State: closed - Opened by gszy almost 8 years ago - 1 comment

#18 - DOCUMENTATION?????????????

Issue - State: closed - Opened by strider72 almost 8 years ago - 9 comments

#17 - Allow adding "blob" as source in JSON

Issue - State: closed - Opened by daniplaninc almost 8 years ago - 3 comments

#16 - Add data: uris

Issue - State: closed - Opened by gdhnz about 8 years ago - 5 comments

#15 - Added manifest-src to list of allowed policies

Pull Request - State: closed - Opened by kronthto over 8 years ago

#14 - Possibility to disable the automatic conversion of sources to HTTPS

Pull Request - State: closed - Opened by kronthto over 8 years ago - 3 comments

#13 - adding optional json string parameter from dynamic configuration

Pull Request - State: closed - Opened by renanmpimentel almost 9 years ago

#12 - adding optional json string parameter

Pull Request - State: closed - Opened by renanmpimentel almost 9 years ago

#11 - Remove semicolon from Apache config snippet

Pull Request - State: closed - Opened by Furgas over 9 years ago - 1 comment

#10 - Omit plugin-types directive when empty

Pull Request - State: closed - Opened by Furgas over 9 years ago - 1 comment

#9 - Add PSR-7 Middleware

Pull Request - State: closed - Opened by geggleto over 9 years ago - 1 comment

#8 - Invokable Extension

Issue - State: closed - Opened by geggleto over 9 years ago - 6 comments

#7 - ambiguity: PSR-7 Message

Issue - State: closed - Opened by geggleto over 9 years ago - 6 comments

#6 - Test psr7 csp injection test

Pull Request - State: closed - Opened by Ocramius over 9 years ago - 1 comment

#5 - PSR-7 support, or else array of headers to be returned

Issue - State: closed - Opened by Ocramius over 9 years ago - 13 comments

#4 - Content security policy for plugin-types

Issue - State: closed - Opened by Lewiscowles1986 over 9 years ago - 1 comment

GitHub / paragonie/csp-builder issues and pull requests