Developer
Intros How it works API reference Turbo CSS Blog Simplified .ContentSecurityPolicy rules Sessions Create components from code Send emails to any address Script attribute: crossorigin Script attributes Introducing Turbo UI Named buckets Turbo CSS is Tailwind CSS on steroids Introducing Turbo CSS, the most advanced web-design language Collaboration settings Filesystem and Database are not cutting the problem space right What I'm working on 64bit File node IDs Write your own website builder on top of Boomla On On composition A filesystem to replace your CMS New file link type: scope Inline file wrapping changed Package sandboxing New PHP-like JavaScript engine [sjs-4e] Send emails to the website owner New JavaScript engine [sjs-4] Glossary and other changes Boomla goes multiplayer Using local dev tools Why Boomla doesn't need Git Improved sjs-3 API CSS modules Work offline with Boomla Supporting CommonJS modulesĀ  Paranoid about loosing data IDE usability improvements Flow control from user space Contextmenu support for apps Deprecating the .Class file Embedding 3rd party plugins Introducing Tools Installing apps just got amazing Host on our servers Simple deploy with push/pull Version Control for the Web 350M files on a 1TB disk 2 weeks in review
Developer
Intros
How it works
API reference
Turbo CSS
Blog

Simplified .ContentSecurityPolicy rules

2022-08-31

It's now easier to define .ContentSecurityPolicy rules as one can mix the simple and the fully-defined format within the same file.

For example, this would now be allowed:

https://example.com
script-src 'unsafe-inline'

Read the updated .ContentSecurityPolicy docs.


Cheers,

Tibor Halter
Tibor Halter
you can follow me on Twitter
Sessions
Subscribe to the Boomla newsletter!
Platform
Boomla Store Website Builder Changelog Status
Learn
Intros How it works API reference Turbo CSS Glossary
Company
Contact Support About
Get involved
WishList