View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0021669 | mantisbt | security | public | 2016-09-07 00:31 | 2016-10-30 23:22 |
Reporter | vboctor | Assigned To | syncguru | ||
Priority | normal | Severity | block | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Product Version | 2.0.0-beta.2 | ||||
Target Version | 2.0.0-rc.1 | Fixed in Version | 2.0.0-rc.1 | ||
Summary | 0021669: Charts have inline scripts | ||||
Description | We should update the usage of chart.js to avoid using inline scripts so we don't have to relax CSP header constrains for such pages. | ||||
Tags | csp, modern-ui | ||||
MantisBT: master 0d00ae93 2016-10-16 16:06 Committer: vboctor Details Diff |
Relocate inline JS code in graph plugin to separate file Fixes 0021669 |
Affected Issues 0021669 |
|
add - plugins/MantisGraph/MantisGraph.js | Diff File | ||
mod - plugins/MantisGraph/MantisGraph.php | Diff File | ||
mod - plugins/MantisGraph/core/graph_api.php | Diff File | ||
MantisBT: master 1496d17f 2016-10-19 17:29 Committer: vboctor Details Diff |
Relocate and load graph JS files from plugin files dir Fixes 0021669 |
Affected Issues 0021669 |
|
mod - plugins/MantisGraph/MantisGraph.php | Diff File | ||
MantisBT: master c97b135f 2016-10-19 17:48 Committer: vboctor Details Diff |
Remove CSP allowing inline js code Fixes 0021669 |
Affected Issues 0021669 |
|
mod - plugins/MantisGraph/MantisGraph.php | Diff File |