Feature #1441

Investigate Other HTML Template Plugins

Added by Pavan Rikhi 11 months ago. Updated 19 days ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:Pavan Rikhi% Done:

100%

Category:UISpent time:-
Target version:v1.00.00 - Deployment
Easy Pickings:

Description

We will be using the sub-resource integrity & favicon plugins, but others might be useful:

https://github.com/jantimon/html-webpack-plugin#plugins

Associated revisions

Revision 07f529a8
Added by Pavan Rikhi 19 days ago

[#1441] Add Content Security Policy Directives

Use the `csp-html-webpack-plugin` to add CSP Directives to the HTML file
generated by Webpack. This improves site security by limited the domains
that allowed to be used for scripts, images, fonts, styles, etc. It is
loose enough to allow loading of Google fonts, Stripe, & the Google Tag
Manager.

Refs #1441

History

#1 Updated by Pavan Rikhi 11 months ago

E.g., the CSP plugin would let us set things like upgrade-insecure-requests to prevent issues with HTTP images on HTTPS pages.

#2 Updated by Pavan Rikhi 19 days ago

  • % Done changed from 0 to 100
  • Status changed from New to Closed

Seems like just the CSP plugin was useful for us.

Also available in: Atom PDF