Project

General

Profile

Actions
Copy link

User story #26934

open

Enable CSP on all pages and add tag to exclude a page

Added by Clark ANDRIANASOLO 10 days ago. Updated 7 days ago.

Status:
Pending technical review
Priority:
N/A
Assignee:
François ARMAND
Category:
Security
Target version:
9.0.0~alpha1
Pull Request:
https://github.com/Normation/rudder/p...
UX impact:
It bothers me each time
Suggestion strength:
Want - This would make my life a lot easier but I can manage without
User visibility:
First impressions of Rudder
Effort required:
Medium
Name check:
To do
Fix check:
To do
Regression:
No

Description

We want CSP headers in all pages so the current directive to add CSP headers to a page in #25032 should be replaced by directives to ignore some pages, and CSP should be enabled on all pages by default

Subtasks 1 (1 open0 closed)

User story #26951: Plugins need CSP to be strict in Rudder but disabled in plugin pagesPending technical reviewClark ANDRIANASOLOActions

Related issues 1 (0 open1 closed)

Related to Rudder - Bug #25032: Use Content-Security-Policy strict headers in utilities pagesReleasedFrançois ARMANDActions
Actions
Copy link

Also available in: Atom PDF