From bugzilla-daemon@bugs.koha-community.org Fri Mar 6 01:22:07 2026 From: bugzilla-daemon@bugs.koha-community.org To: koha-bugs@lists.koha-community.org Subject: [Koha-bugs] [Bug 38365] Add Content-Security-Policy HTTP header to HTML responses Date: Fri, 06 Mar 2026 00:21:27 +0000 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7059470390638976740==" --===============7059470390638976740== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38365 David Cook changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #193951|0 |1 is obsolete| | --- Comment #287 from David Cook --- Created attachment 194579 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194579&action=edit Bug 38365: Add script to insert CSP nonces into templates Add misc/devel/add_csp_nonces.pl which automatically adds CSP nonce attributes to inline