Bug 540 - improper CSP header configuration || Luminious India || AS-11183
Review Request #471 — Created Sept. 20, 2024 and submitted — Latest diff uploaded
| Information | |
|---|---|
| jasonchou | |
| AG | |
| rel_ag_9_4_5 | |
| 540 | |
| Reviewers | |
| milliechou, timlai, weikai | |
add object-src 'self' to CSP header configuration
can saw in browser :
content-security-policy:
frame-ancestors 'self'; default-src 'self' data: gap: wss: https://ssl.gstatic.com https://.duosecurity.com https://open.work.weixin.qq.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src ;script-src 'self' 'unsafe-inline' 'unsafe-eval';object-src 'self' https://*.duosecurity.com