Plugin for use implementing security enhancements to the Wikimedia Foundation's sites hosted on WordPress VIP.
GPL-2.0 License
Published by kadamwhite 6 months ago
'strict-dynamic'
using this pluginworker-src
directives using this pluginblob:
URLs for use in worker-src
directive (supports Report plugin)'self'
directive is added to the directive array to permit it to be filtered later if neededhttp:
and ws:
schemes in local environmentsobject-src 'none'
as recommended by MDN
*.wikimedia.org
in connect-src
by default to permit first-party instrumentationFull Changelog: https://github.com/wikimedia/wikimedia-wordpress-security-plugin/compare/v1.0.0...v1.1.0
Published by kadamwhite 6 months ago
Full Changelog: https://github.com/wikimedia/wikimedia-wordpress-security-plugin/commits/v1.0.0