{"id": 912864936, "node_id": "MDU6SXNzdWU5MTI4NjQ5MzY=", "number": 1362, "title": "Consider using CSP to protect against future XSS", "user": {"value": 9599, "label": "simonw"}, "state": "open", "locked": 0, "assignee": null, "milestone": null, "comments": 17, "created_at": "2021-06-06T15:32:20Z", "updated_at": "2022-10-08T18:42:09Z", "closed_at": null, "author_association": "OWNER", "pull_request": null, "body": "The XSS in #1360 would have been a lot less damaging if Datasette used CSP to protect against such vulnerabilities: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP", "repo": {"value": 107914493, "label": "datasette"}, "type": "issue", "active_lock_reason": null, "performed_via_github_app": null, "reactions": "{\"url\": \"https://api.github.com/repos/simonw/datasette/issues/1362/reactions\", \"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "draft": null, "state_reason": null}