Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Allow the user to specify the Content Security Policy for a domain #21

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mms-gianni merged 3 commits into from
Nov 10, 2023
Merged

Allow the user to specify the Content Security Policy for a domain #21

mms-gianni merged 3 commits into from
Nov 10, 2023

Conversation

@joncrangle
Copy link
Contributor

@joncrangle joncrangle commented Nov 10, 2023

Since Ladder proxies requests, allowing the user to specify a Content Security Policy header can effectively limit which scripts are allowed to run in browser.

Example:

headers:
    referer: none
    x-forwarded-for: none
    user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
    content-security-policy: script-src 'self';

@mms-gianni
Copy link
Contributor

mms-gianni commented Nov 10, 2023

Love it !!!

@mms-gianni mms-gianni merged commit ac44f12 into everywall:main Nov 10, 2023
@joncrangle joncrangle deleted the csp-override branch November 12, 2023 01:32
andesco pushed a commit to andesco/ladder that referenced this pull request Sep 15, 2025
@mms-gianni
Merge pull request everywall#21 from joncrangle/csp-override
c246a75 
Allow the user to specify the Content Security Policy for a domain
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@joncrangle @mms-gianni