Actions
Bug #25032
open
Use Content-Security-Policy strict headers in utilities pages
Status:
Pending release
Priority:
N/A
Assignee:
Category:
Security
Target version:
Pull Request:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Getting started - demo | first install | Technique editor and level 1 Techniques
Effort required:
Small
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No
Description
We have added the necessary boilerplate in #24015 to include HTML pages to be loaded with strict CSP headers, and applied it to the healtcheck page.
We now need to include these headers in other Utilities pages within Rudder : archives, event logs
Updated by Clark ANDRIANASOLO 29 days ago
- Related to Bug #24015: Use Content-Security-Policy strict headers added
Updated by Clark ANDRIANASOLO 29 days ago
- Status changed from New to In progress
Updated by Clark ANDRIANASOLO 11 days ago
- Subject changed from Use Content-Security-Policy strict headers in web pages to Use Content-Security-Policy strict headers in utilities pages
- Description updated (diff)
Updated by Clark ANDRIANASOLO 11 days ago
- Status changed from In progress to Pending technical review
- Assignee changed from Clark ANDRIANASOLO to François ARMAND
- Pull Request set to https://github.com/Normation/rudder/pull/5764
Updated by Clark ANDRIANASOLO 8 days ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|c2c3241d61586fad6b00c2fa9cd5ab0967815fea.
Actions