Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-49291

Improving the DevExp for passing the CSP directives to console per flag

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • 4.20.0
    • 4.18.0
    • Management Console
    • None
    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • Done
    • None
    • Hide
      Before this update, the console server did not handle Content Security Policy (CSP) directives correctly when run locally with JSON input because it did not support the `MultiValue` type. This update enables the console to accept CSP directives as `MultiValue` instead of JSON for local use. As a result, you can now pass separate CSP directives more easily during console development. (link:https://issues.redhat.com/browse/OCPBUGS-49291[OCPBUGS-49291])
      Show
      Before this update, the console server did not handle Content Security Policy (CSP) directives correctly when run locally with JSON input because it did not support the `MultiValue` type. This update enables the console to accept CSP directives as `MultiValue` instead of JSON for local use. As a result, you can now pass separate CSP directives more easily during console development. (link: https://issues.redhat.com/browse/OCPBUGS-49291 [ OCPBUGS-49291 ])
    • None
    • None
    • None
    • None

      Description of problem:

      Console needs to improve the DevExp for passing the CSP directives to console  since currently users need to pass the CSP directives as a JSON value, when running console server locally.
      We need to use the MultiValue multi value type instead of JSON.

      Version-Release number of selected component (if applicable):

          

      How reproducible:

          

      Steps to Reproduce:

          1.
          2.
          3.
          

      Actual results:

          

      Expected results:

      Users should pass CSP directives separately, eg:
      
      ./bin/bridge --content-security-policy ScriptSrc="localhost:1234 localhost:2345" --content-security-policy FontSrc="localhost:3456 localhost:4567"

      Additional info:

          

              jhadvig@redhat.com Jakub Hadvig
              jhadvig@redhat.com Jakub Hadvig
              None
              None
              YaDan Pei YaDan Pei
              Jocelyn Sese Jocelyn Sese
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: