tileradotorg/synapse
1
0
Fork 0
forked from MirrorHub/synapse
Code Pull requests Activity
synapse/changelog.d/10468.misc

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

2 lines
95 B
Text
Raw Normal View History

Mitigate media repo XSSs on IE11. (#10468) IE11 doesn't support Content-Security-Policy but it has support for a non-standard X-Content-Security-Policy header, which only supports the sandbox directive. This prevents script execution, so it at least offers some protection against media repo-based attacks. Signed-off-by: Denis Kasak <dkasak@termina.org.uk>
2021-07-27 13:45:10 +02:00
Mitigate media repo XSS attacks on IE11 via the non-standard X-Content-Security-Policy header.
Copy permalink