User story #26934
closed
Enable CSP on all pages and add tag to exclude a page
Added by Clark ANDRIANASOLO 2 months ago.
Updated 7 days ago.
UX impact:
It bothers me each time
Suggestion strength:
Want - This would make my life a lot easier but I can manage without
User visibility:
First impressions of Rudder
Description
We want CSP headers in all pages so the current directive to add CSP headers to a page in #25032 should be replaced by directives to ignore some pages, and CSP should be enabled on all pages by default
- Related to Bug #25032: Use Content-Security-Policy strict headers in utilities pages added
- Status changed from New to Pending technical review
- Assignee changed from Clark ANDRIANASOLO to François ARMAND
- Pull Request set to https://github.com/Normation/rudder/
- Pull Request changed from https://github.com/Normation/rudder/ to https://github.com/Normation/rudder/6394
- Pull Request changed from https://github.com/Normation/rudder/6394 to https://github.com/Normation/rudder/pull/6394
- Status changed from Pending technical review to Pending release
- Related to Bug #27314: CSP violation in api accounts custom ACL selection added
- Status changed from Pending release to Released
This bug has been fixed in Rudder 9.0.0~alpha1 which was released today.
Also available in: Atom
PDF
Updated by 
Updated by