Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Critical
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Story Points:
5
Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Link:
OCP 4.18 - Content Security Policy implementation
Intelligence Requested:
Market:

Sprint:
HAC Infra OCP - Sprint 262

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

When serving Console HTML index page, we generate the policy that includes allowed (trustworthy) sources.

It may be necessary for some dynamic plugins to add new sources in order to avoid CSP violations at Console runtime.

AC:

Add new API field to ConsolePlugin CRD for allowing additional CSP sources
Add unit tests for the

links to

openshift/api#2042: CONSOLE-4265: Add new API field to ConsolePlugin CRD for allowing additional CSP sources

openshift/console#14156: CONSOLE-4263: Add initial Content Security Policy for Console web application

openshift/enhancements#1706: CONSOLE-4265: Add new API field to ConsolePlugin CRD for allowing additional CSP sources

openshift/microshift#4165: NO-ISSUE: rebase-main-4.18.0-0.nightly-2024-11-10-133523_amd64-2024-11-10_arm64-2024-11-10

Assignee:: Jakub Hadvig

Reporter:: Jakub Hadvig

QA Contact:: YaDan Pei

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/09/10 1:21 PM

Updated:: 2024/11/11 11:55 AM

Resolved:: 2024/11/11 11:55 AM