@onur-baran Same as it ever was.... When it's ready. And hopefully not before.
Sorry, just couldn't resist. 🤡
But dinnae fash yersel... some body more knowledgeable than I will be comin' along this trail. ☮
Found a nice article on a module I hadn't seen before called Helmet. It's an express middleware that makes adding content security policy to your express app pretty straightforward. Thought I'd put it up here and suggest looking into adding it to the nodebb core.
Yes, we fully intend on utilising this with nodebb, assuming the overhead is minimal.