Project

General

Profile

Actions

Bug #25032

closed

Use Content-Security-Policy strict headers in utilities pages

Added by Clark ANDRIANASOLO 5 months ago. Updated 4 months ago.

Status:
Released
Priority:
N/A
Category:
Security
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Getting started - demo | first install | Technique editor and level 1 Techniques
Effort required:
Small
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

We have added the necessary boilerplate in #24015 to include HTML pages to be loaded with strict CSP headers, and applied it to the healtcheck page.

We now need to include these headers in other Utilities pages within Rudder : archives, event logs


Related issues 3 (0 open3 closed)

Related to Rudder - Bug #24015: Use Content-Security-Policy strict headersReleasedClark ANDRIANASOLOActions
Related to Rudder - Bug #25352: Event log rollback action is prevented from CSP headersReleasedRaphael GAUTHIERActions
Related to Rudder - Bug #25712: CSP violations from status tab in utilities pagesReleasedFrançois ARMANDActions
Actions

Also available in: Atom PDF