Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Content Security Policy and unsafe-inline

NodeBB Development

Jeff Reiffers last edited by

Re: content security policy

Is CSP supported in 1.17.1?
1 Reply Last reply
Reply Quote 0

Suggested Topics

S

Unsolved How can I edit {post.content}
NodeBB Development • • Sam Nguyen

5

0
Votes

5
Posts

1550
Views

S

@pitaj Many thanks.

I'm waiting for a day I can edit this option.

Because I see that current view can make user confuse
Is socket.uid reliably secure?
NodeBB Development • • PitaJ

10

0
Votes

10
Posts

2015
Views

@baris said:

We had no reports of anyone altering socket.uid its a server side only value.

A while back there was a certain vulnerability (not NodeBB specific), I don't exactly remember what it was, but it allowed a user to mimic another user, even an admin, and do pretty much everything as that user.

Now you have one report 😉
Widgets content not being crawled by Search Engines
NodeBB Development • seo widgets improvement • • fais3000

4

0
Votes

4
Posts

1564
Views

@PitaJ Issue created at https://github.com/NodeBB/NodeBB/issues/5643
fais3000 created this issue in NodeBB/NodeBB closed Widgets content not being crawled by Search Engines #5643
CoinAwesome: Using NodeBB for a decentralized content aggregator - Looking for a dev partner
NodeBB Development • • v4

17

0
Votes

17
Posts

5890
Views

Maybe a plugin to add the field for coin address? I've seen people add them to their sigs as well, but depends on the theme (ie. Persona doesn't utilize sigs but we will plan on making them kind of like a status update in future)

Cool work BTW 🙂
Security issue
NodeBB Development • • Mikael Jenkler

3

0
Votes

3
Posts

130
Views

@yariplus ok thanks. as long as it is safe 😉

Content Security Policy and unsafe-inline

Suggested Topics

Unsolved How can I edit {post.content}
NodeBB Development • • Sam Nguyen

Is socket.uid reliably secure?
NodeBB Development • • PitaJ

Widgets content not being crawled by Search Engines
NodeBB Development • seo widgets improvement • • fais3000

CoinAwesome: Using NodeBB for a decentralized content aggregator - Looking for a dev partner
NodeBB Development • • v4

Security issue
NodeBB Development • • Mikael Jenkler

Get Started

Resources

Company

Content Security Policy and unsafe-inline

Suggested Topics

Unsolved How can I edit {post.content} NodeBB Development • • Sam Nguyen

Is socket.uid reliably secure? NodeBB Development • • PitaJ

Widgets content not being crawled by Search Engines NodeBB Development • seo widgets improvement • • fais3000

CoinAwesome: Using NodeBB for a decentralized content aggregator - Looking for a dev partner NodeBB Development • • v4

Security issue NodeBB Development • • Mikael Jenkler

Get Started

Resources

Company

Unsolved How can I edit {post.content}
NodeBB Development • • Sam Nguyen

Is socket.uid reliably secure?
NodeBB Development • • PitaJ

Widgets content not being crawled by Search Engines
NodeBB Development • seo widgets improvement • • fais3000

CoinAwesome: Using NodeBB for a decentralized content aggregator - Looking for a dev partner
NodeBB Development • • v4

Security issue
NodeBB Development • • Mikael Jenkler