]> git.cameronkatri.com Git - mandoc.git/commit
git.ckatri.com / mandoc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 801eeff) | patch
Add a Content-Security-Policy HTTP header that allows only CSS.
authorIngo Schwarze <schwarze@openbsd.org>
Sun, 10 Nov 2019 22:35:25 +0000 (22:35 +0000)
committerIngo Schwarze <schwarze@openbsd.org>
Sun, 10 Nov 2019 22:35:25 +0000 (22:35 +0000)
commit89d32b9120ed7de9fe5283abc537b21bd0b8bde9
tree51a599e27ff9de2097ae2659cf7dfef37e8e82d8tree | snapshot
parent801eeff8b3b3dd958ffde4c2edb1022fa8660937commit | diff
Add a Content-Security-Policy HTTP header that allows only CSS.
This ensures that in a modern browser that understands the header,
mandoc rendering bugs cannot possibly be interpreted as JavaScript.
Patch from bentley@.
cgi.c diff | blob | history
A git conversion mirror of mandoc.bsd.lv