Skip to content

add default enforced Content Security Policy #135

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
labkey-willm merged 5 commits into from
Feb 14, 2025
Merged

add default enforced Content Security Policy #135

labkey-willm merged 5 commits into from
Feb 14, 2025

Conversation

@labkey-willm
Copy link
Contributor

@labkey-willm labkey-willm commented Feb 5, 2025
edited
Loading

Rationale

https://github.com/LabKey/kanban/issues/362

We are consolidating where we are defining our default Content Security Policy, and making 'enforce' the default for most, if not all, deployments.

Related Pull Requests

Changes

  • add default 'enforce' csp with markers for automatically updating from source version in other repo
  • add wiring for LABKEY_OPTIONAL_APP_PROPERTIES_S3_URI
  • remove CSP_REPORT and CSP_ENFORCE env vars, as no longer needed
  • update README with these updates

@labkey-willm labkey-willm changed the title Fb_use_canonical_csp add default enforced Content Security Policy Feb 6, 2025
@labkey-willm labkey-willm mentioned this pull request Feb 6, 2025
Merged
labkey-stuartm
labkey-stuartm reviewed Feb 14, 2025
View reviewed changes
Copy link
Contributor

@labkey-stuartm labkey-stuartm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a typo in the ReadMe changes

"In can, however,"

This should be:
It can, however,

labkey-stuartm
labkey-stuartm reviewed Feb 14, 2025
View reviewed changes
@labkey-willm @labkey-stuartm
Update README.md
c5600f9 
Co-authored-by: labkey-stuartm <32204841+labkey-stuartm@users.noreply.github.com>
@labkey-willm labkey-willm merged commit bdb09fd into develop Feb 14, 2025
5 checks passed
@labkey-willm labkey-willm deleted the fb_use_canonical_csp branch February 14, 2025 21:57
labkey-willm added a commit that referenced this pull request Feb 14, 2025
@labkey-willm @labkey-stuartm
add default enforced Content Security Policy (#135)
d51242f 
* add default csp.enforce block and ability to load an optional.application.properties

* remove CSP_REPORT and CSP_ENFORCE; update README

* add wiring for optional app properties file from s3

* update to match what's currently deployed

* Update README.md

Co-authored-by: labkey-stuartm <32204841+labkey-stuartm@users.noreply.github.com>

---------

Co-authored-by: labkey-stuartm <32204841+labkey-stuartm@users.noreply.github.com>
labkey-willm added a commit that referenced this pull request Feb 15, 2025
@labkey-willm @labkey-stuartm
add default enforced Content Security Policy (#135) (#137)
4fd4333 
* add default csp.enforce block and ability to load an optional.application.properties

* remove CSP_REPORT and CSP_ENFORCE; update README

* add wiring for optional app properties file from s3

* update to match what's currently deployed

* Update README.md



---------

Co-authored-by: labkey-stuartm <32204841+labkey-stuartm@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@labkey-jony labkey-jony labkey-jony approved these changes

@labkey-stuartm labkey-stuartm labkey-stuartm approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@labkey-willm @labkey-jony @labkey-stuartm