About Features Downloads Getting Started Documentation Events Support GitHub

Love VuFind®? Consider becoming a financial supporter. Your support helps build a better VuFind®!

Site Tools


Warning: This page has not been updated in over over a year and may be outdated or deprecated.
administration:security:content_security_policy

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
administration:security:content_security_policy [2020/07/24 05:52] – [Best Practices / Recommendations] xmorave2administration:security:content_security_policy [2020/09/22 13:26] (current) demiankatz
Line 11: Line 11:
 ==== Configuration File ==== ==== Configuration File ====
  
-All settings related to Content Security Policies can be found in [[https://github.com/vufind-org/vufind/blob/master/config/vufind/contentsecuritypolicy.ini|contentsecuritypolicy.ini]].+All settings related to Content Security Policies can be found in [[https://github.com/vufind-org/vufind/blob/dev/config/vufind/contentsecuritypolicy.ini|contentsecuritypolicy.ini]].
  
 ==== Enforcing vs. Reporting ==== ==== Enforcing vs. Reporting ====
Line 19: Line 19:
 === Receiving Reports === === Receiving Reports ===
  
-When in reporting mode, you can set the report-to setting in [[https://github.com/vufind-org/vufind/blob/master/config/vufind/contentsecuritypolicy.ini|contentsecuritypolicy.ini]] to send reports of violations to a URI that implements a simple API. VuFind does not currently include a built-in reporting endpoint, but several options exist, including:+When in reporting mode, you can set the report-to setting in [[https://github.com/vufind-org/vufind/blob/dev/config/vufind/contentsecuritypolicy.ini|contentsecuritypolicy.ini]] to send reports of violations to a URI that implements a simple API. VuFind does not currently include a built-in reporting endpoint, but several options exist, including:
  
   * [[https://github.com/seek-oss/csp-server|seek-oss/csp-server]] - an open source, Node.js-based solution   * [[https://github.com/seek-oss/csp-server|seek-oss/csp-server]] - an open source, Node.js-based solution
Line 36: Line 36:
  
 ---- struct data ---- ---- struct data ----
 +properties.Page Owner : 
 ---- ----
  
administration/security/content_security_policy.txt · Last modified: 2020/09/22 13:26 by demiankatz