Actions
Architecture #22374
closedAllow iframes from the same origin
Fix check:
Error - Next version
Regression:
No
Description
It used to be allowed, and was actually needed for the openscap plugin (and not only the technique editor like I initially thought).
Let's really it by setting X-Frame-Options
to SAMEORIGIN
, which will keep the protection level high and allow the external-node-reports and openscap plugins to work.
Files
Updated by Alexis Mousset almost 2 years ago
- Status changed from New to In progress
- Assignee set to Alexis Mousset
Updated by Alexis Mousset almost 2 years ago
- Has duplicate Bug #22373: openscap frame is all black added
Updated by Alexis Mousset almost 2 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Alexis Mousset to Nicolas CHARLES
- Pull Request set to https://github.com/Normation/rudder/pull/4664
Updated by Alexis Mousset almost 2 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|2205353494cff7078469c0ef2650544bf1ccc673.
Updated by Nicolas CHARLES over 1 year ago
- File clipboard-202303231624-kbpmv.png clipboard-202303231624-kbpmv.png added
- Fix check changed from To do to Error - Next version
this is not working
Updated by Nicolas CHARLES over 1 year ago
- Related to Bug #22522: Allow iframes from the same origin added
Updated by Vincent MEMBRÉ over 1 year ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 7.2.5 which was released today.
Updated by Alexis Mousset 9 days ago
- Related to Architecture #26068: Deny iframes in Rudder added
Actions