CSP for SoM |
||
Issue descriptionSheriff-o-Matic renders data from a large number of different sources in its web UI. To ensure it's not requesting data or sharing bits it shouldn't share, we should implement a Content Security Policy (and monitoring for violations).
,
Jan 8 2018
Agreed on making this a cross-app frontend project. For now, I think we should focus on Sheriff-o-Matic and then try to add this to any other projects that we notice are missing this (I believe most of our older frontends don't have a CSP). Down the road I think it might be a good idea to make a checklist of standards we want our frontend apps on ChOps to follow. This could probably be treated as part of the ChOpsUI/ChOps frontend quality project.
,
Jan 10
This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue. Sorry for the inconvenience if the bug really should have been left as Available. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
||
►
Sign in to add a comment |
||
Comment 1 by seanmccullough@google.com
, Jan 8 2018