856fca8289
- Configurable via 'ALLOWED_IFRAME_SOURCES' .env option. - Also updated how CSP rules are set, with a single header being used instead of many. - Also applied CSP rules to HTML export outputs. - Updated tests to cover. For #3314 |
||
---|---|---|
.. | ||
CspService.php | ||
HtmlContentFilter.php | ||
HtmlNonceApplicator.php | ||
WebSafeMimeSniffer.php |