Обсуждение: [pgadmin-hackers] Content Security Policy
Good day pgadmin-hackers,
my name is Jonas Thelemann and I just joined this mailing list. It's my first mailing list, so I try my best to not make any mistakes.
I joined because I want to contribute some small adjustments to pgadmin. More precisely to address CSP (Content Security Policy) issues.
I wanted to migrate from phppgadmin to pgadmin, because it's the more contemporary solution, it's possible to influence the development and because I had problems with my website's CSP restrictions with phppgadmin. The main problem is just that there is inline JavaScript on the html page(s) which is considered as insecure by CSP. This issue is very easy to eliminate though. All occurrences of '<script>foo</script>' - I counted three so far - have to be replaced with '<script src="bar"></script>'.
If no one else is currently "working" [that's not serious work, I know] on this and this can be realized, I'd like to make these small changes to get to know Git a little bit better.
Greetings from Germany,
Jonas Thelemann
my name is Jonas Thelemann and I just joined this mailing list. It's my first mailing list, so I try my best to not make any mistakes.
I joined because I want to contribute some small adjustments to pgadmin. More precisely to address CSP (Content Security Policy) issues.
I wanted to migrate from phppgadmin to pgadmin, because it's the more contemporary solution, it's possible to influence the development and because I had problems with my website's CSP restrictions with phppgadmin. The main problem is just that there is inline JavaScript on the html page(s) which is considered as insecure by CSP. This issue is very easy to eliminate though. All occurrences of '<script>foo</script>' - I counted three so far - have to be replaced with '<script src="bar"></script>'.
If no one else is currently "working" [that's not serious work, I know] on this and this can be realized, I'd like to make these small changes to get to know Git a little bit better.
Greetings from Germany,
Jonas Thelemann
Hi On Tue, Jan 10, 2017 at 8:51 AM, Jonas Thelemann <e-mail@jonas-thelemann.de> wrote: > Good day pgadmin-hackers, > > my name is Jonas Thelemann and I just joined this mailing list. It's my > first mailing list, so I try my best to not make any mistakes. > I joined because I want to contribute some small adjustments to pgadmin. > More precisely to address CSP (Content Security Policy) issues. > I wanted to migrate from phppgadmin to pgadmin, because it's the more > contemporary solution, it's possible to influence the development and > because I had problems with my website's CSP restrictions with phppgadmin. > The main problem is just that there is inline JavaScript on the html page(s) > which is considered as insecure by CSP. This issue is very easy to eliminate > though. All occurrences of '<script>foo</script>' - I counted three so far - > have to be replaced with '<script src="bar"></script>'. > If no one else is currently "working" [that's not serious work, I know] on > this and this can be realized, I'd like to make these small changes to get > to know Git a little bit better. Please feel free to submit a patch. I don't believe anyone is working on this. Thanks, Dave. -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company