From bugzilla-daemon@bugs.koha-community.org Wed Mar 11 03:28:22 2026 From: bugzilla-daemon@bugs.koha-community.org To: koha-bugs@lists.koha-community.org Subject: [Koha-bugs] [Bug 38365] Add Content-Security-Policy HTTP header to HTML responses Date: Wed, 11 Mar 2026 02:28:21 +0000 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1934557057717751660==" --===============1934557057717751660== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=3D38365 --- Comment #357 from David Cook --- (In reply to David Cook from comment #356) > Once bug 38365 is pushed, we can require that people add nonces to