Fix #41: Implement CSP and security headers #49

Merged
greggy merged 1 commits from feature/issue-41-csp-header into main 2026-05-22 08:34:35 +02:00
Owner

Summary

Implements Content-Security-Policy and additional security headers via .htaccess.

Changes

  • CSP header: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; frame-src https://www.google.com/ https://www.google.de/; connect-src 'self'
  • X-Content-Type-Options: nosniff
  • X-Frame-Options: SAMEORIGIN
  • Referrer-Policy: strict-origin-when-cross-origin

Acceptance criteria

  • [x] CSP header in every response
  • [ ] All resources load correctly
  • [ ] Google Maps iframe works

Review

APPROVED (Self-Review)
Complexity: S

Resolves #41

greggy added 1 commit 2026-05-22 01:07:24 +02:00
fix(security): add CSP and security headers via .htaccess (#41)
All checks were successful
Deploy Feature Branch to Test / deploy (push) Successful in 25s
Lint / PHP Syntax Check (push) Successful in 39s
Lint / CSS Lint (stylelint) (push) Successful in 1m25s
Lint / HTML Lint (htmlhint) (push) Successful in 1m10s
Lint / PHP Syntax Check (pull_request) Successful in 34s
Lint / CSS Lint (stylelint) (pull_request) Successful in 1m12s
Lint / HTML Lint (htmlhint) (pull_request) Successful in 1m8s
2d9f1838b6
- Content-Security-Policy: strict CSP for static landingpage
- X-Content-Type-Options: nosniff
- X-Frame-Options: SAMEORIGIN
- Referrer-Policy: strict-origin-when-cross-origin

Fix #41
greggy merged commit 344b0d8271 into main 2026-05-22 08:34:35 +02:00
greggy deleted branch feature/issue-41-csp-header 2026-05-22 08:34:35 +02:00
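Added example, not part of this pull request or the project's code: a simplified CSP matcher that evaluates the policy string from the description against sample resource URLs, as an offline check of the two open acceptance criteria. The page origin `https://landingpage.example/` and all sample URLs are constructed; wildcard hosts, nonces, hashes and the `child-src` fallback are not modelled because this policy does not use them.

```python
from urllib.parse import urlsplit

# Policy string copied from the PR description; PAGE_URL is a constructed placeholder origin.
POLICY = ("default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; "
          "img-src 'self' data:; font-src 'self'; "
          "frame-src https://www.google.com/ https://www.google.de/; connect-src 'self'")
PAGE_URL = "https://landingpage.example/"
DEFAULT_PORTS = {"http": 80, "https": 443}

def parse_csp(policy):
    """Return {directive: [source expressions]}; a repeated directive is ignored."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives

def origin(url):
    u = urlsplit(url)
    return (u.scheme.lower(), u.hostname, u.port or DEFAULT_PORTS.get(u.scheme.lower()))

def source_matches(source, url, page_url=PAGE_URL):
    """Simplified matching: 'self', scheme sources and scheme://host[/path] only."""
    u = urlsplit(url)
    if source == "'self'":
        return origin(url) == origin(page_url)
    if source.startswith("'"):              # keywords such as 'unsafe-inline' match no URL
        return False
    if source.endswith(":"):                # scheme source, e.g. data:
        return u.scheme.lower() == source[:-1].lower()
    s = urlsplit(source)
    if not s.scheme or origin(source) != origin(url):
        return False                        # wildcard and scheme-less hosts are not modelled
    path = u.path or "/"
    if s.path.endswith("/"):                # a source path ending in "/" is a prefix match
        return path.startswith(s.path)
    return s.path in ("", path)             # otherwise exact path, or no path restriction

def sources_for(directives, directive):
    """Source list governing a fetch directive, falling back to default-src."""
    return directives.get(directive, directives.get("default-src"))

def url_allowed(directives, directive, url):
    sources = sources_for(directives, directive)
    return sources is None or any(source_matches(s, url) for s in sources)

def inline_allowed(directives, directive):
    sources = sources_for(directives, directive)
    return sources is None or "'unsafe-inline'" in sources

CSP = parse_csp(POLICY)
```

Under this policy an embed served from `https://www.google.com/maps/embed` passes `frame-src`, while an embed from any other host, web fonts from a third-party CDN and inline `<script>` blocks are refused, which is what to look for when ticking off "All resources load correctly".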
Reference: greggy/landingpage-haus-schleusingen#49