MantisBT: master-1.3.x 9f359863

Author Committer Branch Timestamp Parent
vboctor dregad master-1.3.x 2016-08-16 22:50 master-1.3.x f24a3e9c
Affected Issues  0021263: CVE-2016-7111: Content Security Policy is weakened by Gravatar plugin
Changeset

Protect against calling http_csp_add() too late

If the CSP header is sent and then http_csp_add() is called, trigger error.

Fixes 0021263

mod - core/http_api.php Diff File