Skip to content

Add worker-src policy directive

Placeholder Sarah Rudderrequested to merge
644-add-csp-for-worker-src into main

Changes proposed in this pull request:

  • defines worker-src directive so that it is not an implied wildcard
  • addresses #644 (closed)

Submitter checklist

  • [ x ] Added logging is not capturing sensitive data and is set to an appropriate level (DEBUG vs INFO etc)
  • [ ] Updated relevant documentation (README, ADRs, explainers, diagrams)

Security considerations

  • Addresses ZAP findings

Merge request reports