Bug #25715: Avoid Content-Security-Policy-Report-Only headers in dev mode - Rudder - Issue Tracker

Actions

Copy link

Bug #25715

closed

Avoid Content-Security-Policy-Report-Only headers in dev mode

Added by Clark ANDRIANASOLO about 1 month ago. Updated 14 days ago.

Status:

Released

Priority:

5 (lowest)

Assignee:

Alexis Mousset

Category:

Architecture - Code maintenance

Target version:

8.1.8

Pull Request:

https://github.com/Normation/rudder/p...

Severity:

Trivial - no functional impact | cosmetic

UX impact:

User visibility:

Effort required:

Very Small

Priority:

Name check:

To do

Fix check:

Checked

Regression:

Description

The Lift server has an option to add Content-Security-Policy-Report-Only header which makes the browser believe all scripts can be executed in a development environment (in IntelliJ without using a deployed war), but it is very misleading because things will still work even if they don't in production.

Related issues 1 (0 open — 1 closed)

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Bug #25715

Avoid Content-Security-Policy-Report-Only headers in dev mode

Updated by Clark ANDRIANASOLO about 1 month ago

Updated by Clark ANDRIANASOLO about 1 month ago

Updated by Clark ANDRIANASOLO about 1 month ago

Updated by Clark ANDRIANASOLO 17 days ago

Updated by Clark ANDRIANASOLO 15 days ago

Updated by Vincent MEMBRÉ 14 days ago