mendix
Update Content Security Policy documentation
Updated the Content Security Policy documentation to explain about the changes coming in the future.
The header can now be configured using a custom runtime setting which offers more flexibility than setting it through the Cloud Portal (support for nonces).
It will also be the preferred approach, as it will allow developers that create custom request handlers to build on top of our implementation, instead of devising their own.
This will be postponed until after 10.12 unfortunately. But I will leave the PR here for future.
This will be postponed until after 10.12 unfortunately. But I will leave the PR here for future.
Thanks for the update and the PR - I'll mark it for future release and review it once your team has reviewed it.
@Robinfr Looking at the PRs, this was supposed to be released sometime after 10.12. Has this now been released? @ConnorLand FYI.
Hi, no. We are changing the way this works. You can close this MR for now and I will create a new one whenever there is a new approach, or leave it open and I will update it at some point.Op 25 sep 2024 12:03 schreef Mark van Ments @.***>: @Robinfr Looking at the PRs, this was supposed to be released sometime after 10.12. Has this now been released? @ConnorLand FYI.
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: @.***>
Closing as there will be substantial changes in the direction of the documentation as the developers are changing the way this works.