52 lines
1.2 KiB
Plaintext
52 lines
1.2 KiB
Plaintext
== Why is this an issue?
|
|
|
|
include::../rationale.adoc[]
|
|
|
|
include::../impact.adoc[]
|
|
|
|
== How to fix it
|
|
|
|
=== Code examples
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,html,diff-id=1,diff-type=noncompliant]
|
|
----
|
|
<HeadContent>
|
|
<meta http-equiv="Content-Security-Policy"
|
|
content="base-uri 'self';
|
|
default-src 'self';
|
|
img-src data: https:;
|
|
object-src 'none';
|
|
script-src 'self' 'unsafe-inline'; <!-- Noncompliant -->
|
|
style-src 'self';
|
|
upgrade-insecure-requests;">
|
|
</HeadContent>
|
|
----
|
|
|
|
==== Compliant solution
|
|
|
|
[source,html,diff-id=1,diff-type=compliant]
|
|
----
|
|
<HeadContent>
|
|
<meta http-equiv="Content-Security-Policy"
|
|
content="base-uri 'self';
|
|
default-src 'self';
|
|
img-src data: https:;
|
|
object-src 'none';
|
|
script-src 'self' 'sha256-RFWPLDbv2BY+rCkDzsE+0fr8ylGr2R2faWMhq4lfEQc=';
|
|
style-src 'self';
|
|
upgrade-insecure-requests;">
|
|
</HeadContent>
|
|
----
|
|
|
|
=== How does this work?
|
|
|
|
include::../common/fix/least_privilege.adoc[]
|
|
|
|
== Resources
|
|
|
|
include::../common/resources/docs.adoc[]
|
|
|
|
include::../common/resources/standards.adoc[]
|