Hi James and all,

Please advise on https://github.com/apache/juneau/pull/57

Gary


On Sat, Mar 6, 2021, 10:07 James Bognar <jamesbognar@gmail.com> wrote:
Absolutely.  I'm not familiar with those tags but it sounds like a
pretty simple addition.

I've also noticed a warning when delivering changes to master.  The
link returns a 404 for me.  Maybe this is what it's complaining about.

remote:
remote: GitHub found 1 vulnerability on apache/juneau's default branch
(1 low). To find out more, visit:
remote:      https://github.com/apache/juneau/security/dependabot/pom.xml/junit:junit/open

On Fri, Mar 5, 2021 at 2:30 PM Gary Gregory <garydgregory@gmail.com> wrote:
>
> Hi All,
>
> Due to some dynamic analysis tooling we are running on our product, pages generated by Juneau from Rest annotations on a Serlvet are flagged as insecure because the HTML contains script and style elements that are not using a nonce or a hash attribute.
>
> Is there any interest here in support of this?
>
> If so, I might be able to provide a PR, not 100% sure, since I've only looked at the source enough to see where the script tag is written.
>
> Thank you,
> Gary