Hi Santiago,

Feel free to follow Wicket dev community discussion on this subject at

чт, 4 июн. 2020 г. в 21:47, Santiago Díaz <sald...@google.com>:

> Hello Andrew,
> My name is Santiago, I'm a Security Engineer at Google. I am currently
> making preparations to receive a small group of interns for this summer's
> Google internships and found your email during the course of my research.
> *Context*
> Here at Google we have a lot of experience deploying security mechanisms
> (like Content Security Policy, Trusted Types, Fetch Metadata, Cross-Origin
> Opener Policy and others) at scale. We understand the pains of designing
> strong security policies, finding blockers for their deployment and
> locating pieces of code that need refactoring.
> *Why are you receiving this email?*
> For this year's internships (and considering the current global situation)
> we would like to contribute to selected open source projects, bringing some
> of our experience to *encourage adoption of some of these security
> enhancements*. Wicket is one of the projects we have shortlisted and we'd
> be happy to collaborate with you!
> I found out that there is an ongoing discussion over at
> https://issues.apache.org/jira/browse/WICKET-5406 to improve CSP support
> in Wicket and that *you have been running some experiments on what that
> would look like*.
> Having said that, it would be great if we could boost your work instead of
> reinventing the wheel. As such, I would like to know if you'd be open to
> our contributions and if so, whether you'd be willing to give me some
> context on what has been done, what issues you've come across and whether
> you have any thoughts on what would be the best way for us to contribute.
> Thank you for reading and I'm looking forward to hearing from you! :)
> S.

Reply via email to