Re: Content Security Policy

Hi

On Tue, Jan 10, 2017 at 8:51 AM, Jonas Thelemann
<e-mail(at)jonas-thelemann(dot)de> wrote:
> Good day pgadmin-hackers,
>
> my name is Jonas Thelemann and I just joined this mailing list. It's my
> first mailing list, so I try my best to not make any mistakes.
> I joined because I want to contribute some small adjustments to pgadmin.
> More precisely to address CSP (Content Security Policy) issues.
> I wanted to migrate from phppgadmin to pgadmin, because it's the more
> contemporary solution, it's possible to influence the development and
> because I had problems with my website's CSP restrictions with phppgadmin.
> The main problem is just that there is inline JavaScript on the html page(s)
> which is considered as insecure by CSP. This issue is very easy to eliminate
> though. All occurrences of '<script>foo</script>' - I counted three so far -
> have to be replaced with '<script src="bar"></script>'.
> If no one else is currently "working" [that's not serious work, I know] on
> this and this can be realized, I'd like to make these small changes to get
> to know Git a little bit better.

Please feel free to submit a patch. I don't believe anyone is working on this.

Thanks, Dave.

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company