Support » Plugin: Content Security Policy Manager » CSP For ‘Require Trusted Types’

  • Resolved Alex Vasquez

    (@digisavvy)


    I noticed that Google’s CSP evaluator recommends adding: require-trusted-types-for ‘script’; to the header.

    How is one able to add this via CSP manager plugin?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter Alex Vasquez

    (@digisavvy)

    Thanks for this plugin btw.

    Plugin Author Patrick Sletvold

    (@16patsle)

    Hi @digisavvy, and sorry for not answering earlier. Turns out I forgot to subscribe to notifications here, so I didn’t see your message.

    I’m currently preparing an update for this plugin, so I will see what I can do with regards to adding some more directives, like the ones related to trusted types. The currently supported directives were chosen based on what I had a need for myself, but it makes sense to expand upon this.

    Also thanks to @csplite for explaining the consequences of adding require-trusted-type-for. It is one of the directives that requires the most work to adopt, but after the next plugin update you should at least be able to do set the directive, should you wish to.

    – Patrick Sletvold

    Plugin Author Patrick Sletvold

    (@16patsle)

    Hi,

    Version 1.1.0 of the plugin includes support for both require-trusted-types-for and trusted-types, along with a few other requested directives. In a future update, I plan on supporting the majority of the remaining directives.

    – Patrick Sletvold

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘CSP For ‘Require Trusted Types’’ is closed to new replies.