Project

General

Profile

Actions
Copy link

Bug #27314

open

CSP violation in api accounts custom ACL selection

Added by Clark ANDRIANASOLO about 21 hours ago. Updated about 21 hours ago.

Status:
Pending release
Priority:
N/A
Assignee:
Véronique HAYAERT
Target version:
Rudder plugins - 9.0
Pull Request:
https://github.com/Normation/rudder-p...
Severity:
Major - prevents use of part of Rudder | no simple workaround
UX impact:
User visibility:
Effort required:
Very Small
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

There are CSP violations due to enabling CSP in all pages in #26934, but some specific AJAX execution and HTML rendering was missing in the API accounts page when editing custom ACLs :

Files

image(2).png (210 KB) image(2).png Clark ANDRIANASOLO, 2025-07-18 15:56

Related issues 2 (2 open0 closed)

Related to Rudder - User story #26951: Plugins need CSP to be strict in Rudder but disabled in plugin pagesPending releaseClark ANDRIANASOLOActions
Related to Rudder - User story #26934: Enable CSP on all pages and add tag to exclude a page Pending releaseFrançois ARMANDActions
Actions
Copy link

Also available in: Atom PDF