Page MenuHomePhabricator
Create Task
Maniphest T278882

Add Content-Security policy config
Closed, ResolvedPublic
Actions

Description

Add a CSP policy that only allows loading resources from Toolhub itself and upload.wikimedia.org. Lock this down as tight as we can for initial launch.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
backend: Add Content-Security-Policy header and report collectorwikimedia/toolhubmain+147 -3
Customize query in gerrit

Related Objects
Search...

Event Timeline

bd808 created this task.Mar 30 2021, 8:14 PM
bd808 claimed this task.Jul 13 2021, 10:30 PM
bd808 moved this task from Backlog to In Progress on the Toolhub board.
bd808 added a project: Developer-Advocacy (Jul-Sep 2021).
Restricted Application added a project: User-bd808. · View Herald TranscriptJul 13 2021, 10:30 PM
gerritbot added a comment.Jul 14 2021, 11:26 PM

Change 704641 had a related patch set uploaded (by BryanDavis; author: Bryan Davis):

[wikimedia/toolhub@main] backend: Add Content-Security-Policy header and report collector

https://gerrit.wikimedia.org/r/704641

gerritbot added a project: Patch-For-Review.Jul 14 2021, 11:26 PM
gerritbot added a comment.Jul 15 2021, 12:04 AM

Change 704641 merged by jenkins-bot:

[wikimedia/toolhub@main] backend: Add Content-Security-Policy header and report collector

https://gerrit.wikimedia.org/r/704641

Maintenance_bot removed a project: Patch-For-Review.Jul 15 2021, 12:10 AM
bd808 closed this task as Resolved.Jul 15 2021, 10:06 PM
bd808 mentioned this in T273020: Security Readiness Review For Toolhub.Aug 10 2021, 6:11 PM
bd808 moved this task from In Progress to Review on the Toolhub board.Dec 21 2022, 1:02 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits