Comments (4)
Thanks for pointing this out. I had a similar report on the WordPress Forums, just did not have time to look into either of these until now. Planning on implementing it for the next update, along with a overall improved handling of the header output to prevent issues like this.
Not sure if it is best to remove newlines when saved or when outputting the header though. Do you have any opinion on this? Would you expect newlines in the text fields to be preserved after save?
from wordpress-csp-manager.
I'd prefer to remove any newlines when saved. I'm not sure if maybe some UX changes would help? When adding to some of the fields, if there are a lot of urls, they trail off into the input box. Maybe some form of array input (click button to add another element) might work?
Either way, thanks for making this plug-in, it makes it way easier to handle the csp header rather than in nginx config or something similar.
from wordpress-csp-manager.
Glad you like it! I've been thinking of a more intuitive UI, something like the array input you suggest, but it would be a significant amount of work. For the moment I'll focus on this sanitization issue though.
from wordpress-csp-manager.
I believe I intended to close this with #5 back in October. Let me know if there still are issues
from wordpress-csp-manager.
Related Issues (8)
- Implement CSP presets (and a more reasonable default)
- Allow using same policy across several of admin/logged-in/frontend (and also inheriting?)
- Undefined $option['mode'] error HOT 1
- Headers already sent warning on cron run
- add_filter HOT 2
- Valid JSON cannot be saved into the Report-To header option HOT 1
- PHP 8.2 Deprecation: Dynamic Property
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wordpress-csp-manager.