Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: adds restrictive content security policies #2507

Merged
merged 7 commits into from
May 24, 2024
Merged

feat: adds restrictive content security policies #2507

merged 7 commits into from
May 24, 2024

Conversation

jeeanribeiro
Copy link
Member

Summary

closes #2047

Testing

Platforms

  • Desktop
    • MacOS
    • Linux
    • Windows

Instructions

  • Test features that could be affected by security policies (third party requests)

Checklist

  • I have followed the contribution guidelines for this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have added or modified tests that prove my changes work as intended
  • I have verified that new and existing unit tests pass locally with my changes
  • I have verified that my latest changes pass CI workflows for testing and linting
  • I have made corresponding changes to the documentation

@jeeanribeiro jeeanribeiro self-assigned this May 16, 2024
@jeeanribeiro jeeanribeiro enabled auto-merge (squash) May 16, 2024 20:34
@Tuditi Tuditi requested review from Tuditi and removed request for cvarley100 and nicole-obrien May 20, 2024 14:09
Tuditi
Tuditi reviewed May 22, 2024
View reviewed changes
Copy link
Contributor

@Tuditi Tuditi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we could improve security be extracting the css and the scripts into separate files. This might also reduce code duplication inside the styles. What do you think?

packages/desktop/public/about.html Outdated Show resolved Hide resolved
packages/desktop/public/error.html Outdated Show resolved Hide resolved
@jeeanribeiro jeeanribeiro requested a review from Tuditi May 22, 2024 17:49
Tuditi
Tuditi approved these changes May 24, 2024
View reviewed changes
Copy link
Contributor

@Tuditi Tuditi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@jeeanribeiro jeeanribeiro merged commit af4d003 into develop May 24, 2024
7 checks passed
@jeeanribeiro jeeanribeiro deleted the feat/add-csp branch May 24, 2024 08:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Tuditi Tuditi Tuditi approved these changes

Assignees

@jeeanribeiro jeeanribeiro

Labels
scope:security type:feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

️🛠 - [Task tracker] Improve Content Security Policies
2 participants
@jeeanribeiro @Tuditi