Some big update

2026-03-25 14:35:44 +01:00
parent 0abd37d7a5
commit 867da15823
111 changed files with 173994 additions and 2061 deletions
--- a/application/Espo/EntryPoints/Download.php
+++ b/application/Espo/EntryPoints/Download.php
@@ -87,7 +87,7 @@ class Download implements EntryPoint
        if (in_array($type, $inlineMimeTypeList)) {
            $disposition = 'inline';

-            $response->setHeader('Content-Security-Policy', "default-src 'self'");
+            $response->setHeader('Content-Security-Policy', "default-src 'self'; script-src 'none'; object-src 'none';");
        }

        $response->setHeader('Content-Description', 'File Transfer');