Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Story Points:
3
Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Link:
4.19 Console Dependencies & Tech Debt
Feature Link:
OCPSTRAT-1844 - TechDebt - OCP Console - Dependency Cleanup
Intelligence Requested:
Market:

Sprint:
OCP Console - Sprint 267, OCP Console - Sprint 268

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

In Console 4.18 we introduced an initial Content Security Policy (CSP) implementation (~~CONSOLE-4263~~).

This affects both Console web application as well as any dynamic plugins loaded by Console. In production, CSP violations are sent to telemetry service for analysis (~~CONSOLE-4272~~).

We need a reliable way to detect new CSP violations as part of our automated CI checks. We can start with testing the main dashboard page of Console and expand to more pages as necessary.

Acceptance criteria:

Console project provides a script to test for CSP violations.
CSP violation test script does not report any errors for Console.

is cloned by

CONSOLE-4437 Automated Content Security Policy testing in CI

To Do

is duplicated by

CONSOLE-4279 Console CI catches CSP violations

Closed

links to

openshift/console#14675: CONSOLE-4430: Content Security Policy E2E testing with Puppeteer & Chrome

Assignee:: Vojtech Szocs

Reporter:: Vojtech Szocs

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/01/09 4:24 PM

Updated:: 2025/03/10 12:58 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates