From f6343eda1e951a5ea2b0e62f2ffc75fc825e8448 Mon Sep 17 00:00:00 2001
From: guilhem <guilhem@web>
Date: Fri, 8 Apr 2016 14:14:46 +0200
Subject: Added a comment: Further weakened the Content-Security-Policy

---
 .../comment_2_01c8f3bc631f9ddecb109455233d6f09._comment           | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 tracker/CSP_too_strict/comment_2_01c8f3bc631f9ddecb109455233d6f09._comment

(limited to 'tracker/CSP_too_strict')

diff --git a/tracker/CSP_too_strict/comment_2_01c8f3bc631f9ddecb109455233d6f09._comment b/tracker/CSP_too_strict/comment_2_01c8f3bc631f9ddecb109455233d6f09._comment
new file mode 100644
index 0000000..c6df409
--- /dev/null
+++ b/tracker/CSP_too_strict/comment_2_01c8f3bc631f9ddecb109455233d6f09._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="guilhem"
+ avatar="https://seccdn.libravatar.org/avatar/86d6cb4bde1ef88730b14ccad0414c28"
+ subject="Further weakened the Content-Security-Policy"
+ date="2016-04-08T12:14:46Z"
+ content="""
+Alright, just [removed](https://git.fripost.org/fripost-ansible/commit/?id=e370313ad5895871479fffc922e3c72c0375dbf2) [`upgrade-insecure-requests`](https://www.w3.org/TR/upgrade-insecure-requests/#upgrade-insecure-requests) and [`block-all-mixed-content`](https://www.w3.org/TR/mixed-content/#block_all_mixed_content) from the CSP.  Again, with the hope that Roundcube's built-in filter is tight enough by default…
+"""]]
-- 
cgit v1.2.3