To: pgadmin-hackers@postgresql.org
From: Jonas Thelemann
Subject: Content Security Policy
Message-ID: <881a8266-3214-c44d-2fbd-26e1ef5b007d@jonas-thelemann.de>
Date: Tue, 10 Jan 2017 04:21:18 +0100

Good day pgadmin-hackers,

my name is Jonas Thelemann and I just joined this mailing list. It's my first mailing list, so I'll try my best not to make any mistakes.
I joined because I want to contribute some small adjustments to pgadmin. More precisely, to address CSP (Content Security Policy) issues.
I wanted to migrate from phppgadmin to pgadmin, because it's the more contemporary solution, it's possible to influence the development and because I had problems with my website's CSP restrictions with phppgadmin. The main problem is just that there is inline JavaScript on the HTML page(s), which is considered insecure by CSP. This issue is very easy to eliminate though. All occurrences of '<script>foo</script>' - I counted three so far - have to be replaced with '<script src="bar"></script>'.
If no one else is currently "working" [that's not serious work, I know] on this and this can be realized, I'd like to make these small changes to get to know Git a little bit better.

Greetings from Germany,
Jonas Thelemann
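
An added example, not part of the original message and not pgAdmin code: a small Python scanner that lists the inline JavaScript in a template that a CSP without 'unsafe-inline' would block. It goes beyond the `<script>` blocks the message mentions to include inline event-handler attributes and `javascript:` URLs; the sample markup and the names `InlineScriptFinder` and `find_inline_js` are constructed for illustration.

```python
from html.parser import HTMLParser

# <script type=...> values that browsers execute as JavaScript.
JS_TYPES = {"", "module", "text/javascript", "application/javascript"}


class InlineScriptFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []        # (line, kind, detail) tuples
        self._script_line = None  # line of the open inline <script>, if any

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]
        attrs = {k: (v or "") for k, v in attrs}
        if tag == "script":
            is_js = attrs.get("type", "").strip().lower() in JS_TYPES
            if "src" not in attrs and is_js:
                self._script_line = line  # report only if it has a body
            return
        for name, value in attrs.items():
            if name.startswith("on"):  # onclick, onload, ...
                self.findings.append((line, "event-handler", name))
            elif value.strip().lower().startswith("javascript:"):
                self.findings.append((line, "javascript-url", name))

    def handle_data(self, data):
        if self._script_line is not None and data.strip():
            snippet = data.strip()[:40]
            self.findings.append((self._script_line, "inline-script", snippet))
            self._script_line = None

    def handle_endtag(self, tag):
        if tag == "script":
            self._script_line = None


def find_inline_js(html):
    finder = InlineScriptFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample markup, not taken from pgAdmin or phpPgAdmin.
SAMPLE = """<script src="/static/js/app.js"></script>
<script>var x = 1;</script>
<script type="application/json">{"a": 1}</script>
<a href="#" onclick="go()">go</a>
<a href="javascript:void(0)">noop</a>
"""
```

Running `find_inline_js` over each template before tightening the policy gives the list of places that need moving into external files.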