[
https://issues.apache.org/jira/browse/TOBAGO-1171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13817852#comment-13817852
]
Hudson commented on TOBAGO-1171:
--------------------------------
SUCCESS: Integrated in tobago-trunk #1157 (See
[https://builds.apache.org/job/tobago-trunk/1157/])
TOBAGO-1171: Support for the Content Security Policy (CSP) (lofwyr:
http://svn.apache.org/viewvc/?view=rev&rev=1540078)
*
/myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/internal/webapp/DebugResponseWriterWrapper.java
*
/myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/internal/webapp/HtmlResponseWriter.java
*
/myfaces/tobago/trunk/tobago-core/src/main/java/org/apache/myfaces/tobago/webapp/TobagoResponseWriter.java
> Support for the Content Security Policy (CSP)
> ---------------------------------------------
>
> Key: TOBAGO-1171
> URL: https://issues.apache.org/jira/browse/TOBAGO-1171
> Project: MyFaces Tobago
> Issue Type: New Feature
> Components: Themes
> Reporter: Udo Schnurpfeil
> Assignee: Udo Schnurpfeil
> Fix For: 2.0.0-alpha-3
>
>
> This is to prevent cross-site scripting (XSS) and related attacks.
> More about this security feature you can found at W3 http://www.w3.org/TR/CSP/
> Main work is to remove all JavaScript from the HTML code, see also the
> sub-tasks.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
