wiki.hausos.co - CSP domain addition please.
Hiya. Could we add *.gofundme.com (specifically for https://www.gofundme.com/static/js/embed.js?_=1630651456131) to the script-src CSP list please.
Thank you so much.
J.
CSP REVIEW
- Is the site equipped with a privacy policy? https://www.gofundme.com/privacy#contact
- Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? DP Team contactable by General Support
- Does the site provide a list of personal data being collected by using the service? Yes, very detailed
- Is the website owner known to have a bad reputation regarding privacy? No indication on google
- Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? May prevent use of the site
- Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker?
- Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? Via general support, address given
- Is the site equipped with a security policy? https://www.gofundme.com/c/security
- Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? Looks like it, mentions protecting user data
- Is the website owner known to have a bad reputation regarding information security? No obvious issues
- Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? Bugcrowd form for reporting issues, otherwise no