Bug #27314
closed
CSP violation in api accounts custom ACL selection
Added by Clark ANDRIANASOLO about 2 months ago.
Updated about 2 months ago.
Severity:
Major - prevents use of part of Rudder | no simple workaround
Effort required:
Very Small
Description
There are CSP violations due to enabling CSP in all pages in #26934, but some specific AJAX execution and HTML rendering was missing in the API accounts page when editing custom ACLs :
.png)
Files
- Related to User story #26951: Plugins need CSP to be strict in Rudder but disabled in plugin pages added
- Related to User story #26934: Enable CSP on all pages and add tag to exclude a page added
- Status changed from New to In progress
- Status changed from In progress to Pending technical review
- Assignee changed from Clark ANDRIANASOLO to Véronique HAYAERT
- Pull Request set to https://github.com/Normation/rudder-plugins/pull/873
- Status changed from Pending technical review to Pending release
- Status changed from Pending release to Released
This bug has been fixed in Rudder plugin api-authorizations v9.0.0.alpha1-2.2
Also available in: Atom
PDF
Updated by 
Updated by