https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38365 --- Comment #370 from Jonathan Druart <jonathan.druart@gmail.com> --- Created attachment 195266 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=195266&action=edit Bug 38365: Add Koha::ContentSecurityPolicy This patch adds a new Perl package, Koha::ContentSecurityPolicy. It provides the following methods: $csp->header_name Returns the name of the CSP header, based on koha-conf configuration. $csp->header_value Returns the value of the CSP header, based on koha-conf configuration. $csp->is_enabled Returns true or false, based on koha-conf configuration. $csp->nonce Generates or sets, and returns the nonce. A CSP nonce is a random token that is used both in the inline scripts and the Content-Security-Policy[-Report-Only] response header. To test: 1. prove t/Koha/ContentSecurityPolicy.t Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> -- You are receiving this mail because: You are watching all bug changes.