Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtp (Exim 4.84_2)
	(envelope-from
 <pgadmin-hackers-owner+M27525=pgadmin-hackers-arka@postgresql.org>)
	id 1cQneH-0002Si-LV
	for pgadmin-hackers@arkaria.postgresql.org; Tue, 10 Jan 2017 04:03:01 +0000
Received: from localhost ([127.0.0.1] helo=postgresql.org)
	by malur.postgresql.org with smtp (Exim 4.84_2)
	(envelope-from
 <pgadmin-hackers-owner+M27525=pgadmin-hackers-arka@postgresql.org>)
	id 1cQneH-0002Q5-22
	for pgadmin-hackers@arkaria.postgresql.org; Tue, 10 Jan 2017 04:03:01 +0000
Received: from makus.postgresql.org ([2001:4800:1501:1::229])
	by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256)
	(Exim 4.84_2)
	(envelope-from <dpage@pgadmin.org>)
	id 1cQneG-0002Py-If
	for pgadmin-hackers@postgresql.org; Tue, 10 Jan 2017 04:03:00 +0000
Received: from mail-io0-x231.google.com ([2607:f8b0:4001:c06::231])
	by makus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256)
	(Exim 4.84_2)
	(envelope-from <dpage@pgadmin.org>)
	id 1cQneC-0007os-Ry
	for pgadmin-hackers@postgresql.org; Tue, 10 Jan 2017 04:02:58 +0000
Received: by mail-io0-x231.google.com with SMTP id v96so96246311ioi.0
        for <pgadmin-hackers@postgresql.org>;
 Mon, 09 Jan 2017 20:02:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=pgadmin-org.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=oRfRcLPKYsiQZz5b08HdGRPHAO5bPGVBmTOAls4RpOQ=;
        b=jEkSY5mm/bUDOBxi2vldpnEMnkuYTwOzUbQHQ0yvx9S/jSqDCyRwBhUpk06N5yme3x
         t/1SMnseZAXfg3v7RlxhPLSSRC4a8FuRZB9gkhI66ZZ4alfdXvyVp/h/eNjMHgQlxcQg
         j4F1XtAMGRSZeUqP12TkH8T++NMfBnEb0PRRYl39506K4/mKvv4JCZHj0PzXoEyIrGOB
         nGgQAwntxqDsbjAN9+sUXIOr3PTFclKDPRI58y7ZNit60FQPnnXZK6P4CQNoCh6wjSLt
         q1Cmig+k/yXVtTMti+9W1vUsxGYl0v85DqdsJW0clurlg/m809qEBXjFPx37M9QGHSI7
         VBFA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=oRfRcLPKYsiQZz5b08HdGRPHAO5bPGVBmTOAls4RpOQ=;
        b=O9T4qS66RvKXomV4MS/1nRKAhf2HtEs6uOEWCWlFqCa2yAOk2V13+B181cKx1EjpSE
         dlura26VuuzuzMU/vfYFO3MoKQ+mcaz6X70fy15///kvvuonLyTU2dzbplIWYhGc5ENe
         AfoWcIy6+yNN9KJZFM1Q38Z8c6QYrW1JPnsiXepYIt+O/anZV6pUBgBS9D0oecUCvWcD
         tuPiqsMjAHIm6CCLDZ6PNxUC/FUuNKQk2HanJ0f3VdUQgF9cOxUQX5Hc4qixmoFD9ZVx
         aclQTmO4cx6nnDEBKhBqgdWkRAH8T2E7KGDmYRIHf+9cRgQ/7vbFWqvBzgGg7qoyTgFB
         FB0A==
X-Gm-Message-State: 
 AIkVDXKdrOcSZIYWcxnSZVtkeoc/KKLLBnY8kI6Ph+vpUDdeCsoydz6ElCpiDI64PY+Cylt3IYt63jpr0Pvqcg==
X-Received: by 10.107.18.230 with SMTP id 99mr1397294ios.45.1484020966777;
 Mon, 09 Jan 2017 20:02:46 -0800 (PST)
MIME-Version: 1.0
Received: by 10.64.224.198 with HTTP; Mon, 9 Jan 2017 20:02:45 -0800 (PST)
In-Reply-To: <881a8266-3214-c44d-2fbd-26e1ef5b007d@jonas-thelemann.de>
References: <881a8266-3214-c44d-2fbd-26e1ef5b007d@jonas-thelemann.de>
From: Dave Page <dpage@pgadmin.org>
Date: Tue, 10 Jan 2017 09:32:45 +0530
Message-ID: 
 <CA+OCxowkLrbnYR7MZOdSZHwy6XRp_L2B6X4bCWGuFLWP=T6zLg@mail.gmail.com>
Subject: Re: Content Security Policy
To: Jonas Thelemann <e-mail@jonas-thelemann.de>
Cc: pgadmin-hackers <pgadmin-hackers@postgresql.org>
Content-Type: text/plain; charset=UTF-8
X-Pg-Spam-Score: -2.6 (--)
List-Archive: <http://archives.postgresql.org/pgadmin-hackers>
List-Help: <mailto:majordomo@postgresql.org?body=help>
List-ID: <pgadmin-hackers.postgresql.org>
List-Owner: <mailto:pgadmin-hackers-owner@postgresql.org>
List-Post: <mailto:pgadmin-hackers@postgresql.org>
List-Subscribe: <mailto:majordomo@postgresql.org?body=sub%20pgadmin-hackers>
List-Unsubscribe: 
 <mailto:majordomo@postgresql.org?body=unsub%20pgadmin-hackers>
X-Mailing-List: pgadmin-hackers
Precedence: bulk
Sender: pgadmin-hackers-owner@postgresql.org

Hi

On Tue, Jan 10, 2017 at 8:51 AM, Jonas Thelemann
<e-mail@jonas-thelemann.de> wrote:
> Good day pgadmin-hackers,
>
> my name is Jonas Thelemann and I just joined this mailing list. It's my
> first mailing list, so I try my best to not make any mistakes.
> I joined because I want to contribute some small adjustments to pgadmin.
> More precisely to address CSP (Content Security Policy) issues.
> I wanted to migrate from phppgadmin to pgadmin, because it's the more
> contemporary solution, it's possible to influence the development and
> because I had problems with my website's CSP restrictions with phppgadmin.
> The main problem is just that there is inline JavaScript on the html page(s)
> which is considered as insecure by CSP. This issue is very easy to eliminate
> though. All occurrences of '<script>foo</script>' - I counted three so far -
> have to be replaced with '<script src="bar"></script>'.
> If no one else is currently "working" [that's not serious work, I know] on
> this and this can be realized, I'd like to make these small changes to get
> to know Git a little bit better.

Please feel free to submit a patch. I don't believe anyone is working on this.

Thanks, Dave.

-- 
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company


-- 
Sent via pgadmin-hackers mailing list (pgadmin-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgadmin-hackers