Merge branch 'master' into contact-procedure-update

author: Gustav Eek <gustav.eek@fripost.org> 2018-12-30 10:26:10 +0100
committer: Gustav Eek <gustav.eek@fripost.org> 2018-12-30 10:26:10 +0100
commit: 151ef6437bc2194252f53713f6567e02963c1f7a (patch)
tree: a57f41c33f1403b1d50449221751302ad867bfce /tracker/CSP_too_strict/comment_2_01c8f3bc631f9ddecb109455233d6f09._comment
parent: 25395abcb95f1c75950b9f28e68ef2b10d32dba3 (diff)
parent: f7e3f97b71fa71b5880f31f1ea66e35e181a9711 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/tracker/CSP_too_strict/comment_2_01c8f3bc631f9ddecb109455233d6f09._comment b/tracker/CSP_too_strict/comment_2_01c8f3bc631f9ddecb109455233d6f09._comment
new file mode 100644
index 0000000..c6df409
--- /dev/null
+++ b/tracker/CSP_too_strict/comment_2_01c8f3bc631f9ddecb109455233d6f09._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="guilhem"
+ avatar="https://seccdn.libravatar.org/avatar/86d6cb4bde1ef88730b14ccad0414c28"
+ subject="Further weakened the Content-Security-Policy"
+ date="2016-04-08T12:14:46Z"
+ content="""
+Alright, just [removed](https://git.fripost.org/fripost-ansible/commit/?id=e370313ad5895871479fffc922e3c72c0375dbf2) [`upgrade-insecure-requests`](https://www.w3.org/TR/upgrade-insecure-requests/#upgrade-insecure-requests) and [`block-all-mixed-content`](https://www.w3.org/TR/mixed-content/#block_all_mixed_content) from the CSP.  Again, with the hope that Roundcube's built-in filter is tight enough by default…
+"""]]
author	Gustav Eek <gustav.eek@fripost.org>	2018-12-30 10:26:10 +0100
committer	Gustav Eek <gustav.eek@fripost.org>	2018-12-30 10:26:10 +0100
commit	151ef6437bc2194252f53713f6567e02963c1f7a (patch)
tree	a57f41c33f1403b1d50449221751302ad867bfce /tracker/CSP_too_strict/comment_2_01c8f3bc631f9ddecb109455233d6f09._comment
parent	25395abcb95f1c75950b9f28e68ef2b10d32dba3 (diff)
parent	f7e3f97b71fa71b5880f31f1ea66e35e181a9711 (diff)