[Bug 38365] Add Content-Security-Policy HTTP header to HTML responses
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38365 --- Comment #428 from Jonathan Druart <jonathan.druart@gmail.com> --- Created attachment 195522 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=195522&action=edit Bug 38365: Require a non-empty nonce in FrameworkPlugin.t Test plan: 0. Apply the patch 1. Run the following: prove t/db_dependent/FrameworkPlugin.t \ t/db_dependent/Koha/Plugins/Valuebuilder_hooks.t \ t/db_dependent/Koha/UI/Form/Builder/Biblio.t \ t/db_dependent/Koha/UI/Form/Builder/Item.t \ t/db_dependent/Serials.t Squashed version of the following patches: Bug 38365: Fix Koha/UI/Form/Builder/Biblio.t # Failed test at t/db_dependent/Koha/UI/Form/Builder/Biblio.t line 216. # '<script nonce=""> # $(document).ready(function () { # # }); # </script> # ' # doesn't match '(?^us:<script>.*</script>)' # Looks like you failed 1 test of 4. Bug 38365: Fix Koha/UI/Form/Builder/Item.t # There were 16 warning(s) # Previous test 0 '' # Use of uninitialized value $csp_nonce in concatenation (.) or string at /kohadevbox/koha/Koha/FrameworkPlugin.pm line 381. # at /kohadevbox/koha/Koha/FrameworkPlugin.pm line 381. Bug 38365: Fix Serials.t Bug 38365: Fix FrameworkPlugin.t -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org