Hello! Do you have any plans regarding support of the content security policy (http://en.wikipedia.org/wiki/Content_Security_Policy) in Wicket in the near future? The problem at this time is the heavily used inline Java-Script code which interferes with the whitelisting mechanism of script sources in the CSP. Are there any plans to support this better? I think it would be a great help against cross-site scripting attacks and would improve the security image of Wicket.
-- View this message in context: http://apache-wicket.1842946.n4.nabble.com/Any-plans-to-support-content-security-policy-tp4662191.html Sent from the Users forum mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
