This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.
For details please read Specs: https://w3c.github.io/webappsec/specs/content-security-policy/#delivery-html-meta-element How to reproduce. Simply write html code: <html> <head> <meta http-equiv="Content-Security-Policy" content="script-src 'self'"> ... What happens. Netbeans shows warning: Bad value "Content-Security-Policy" for attribute "http-equiv" on element "meta". From line 6, column 3; to line 6, column 73 (Rule Category: Attributes) What should happen. Meta's http-equiv="Content-Security-Policy" should be recognized as a valid value. Merry Christmas and happy new year to all!
Reproducible, thank you for reporting. Product Version: NetBeans IDE Dev (Build 201502050002) Java: 1.8.0_25; Java HotSpot(TM) Client VM 25.25-b02 Runtime: Java(TM) SE Runtime Environment 1.8.0_25-b17 System: Linux version 3.13.0-35-generic running on i386; UTF-8; en_US (nb)
Has this bug been corrected ? I am using Netbeans 8.0.2 in conjunction with Cordova 5 which now insists on implementing a White List Policy for external AJAX call.
marste5310@netbeans.org please, vote for any bug you like to be fixed sooner.
This is still an issue with version 8.2