Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CFE-493] - Fix CSP unsafe scripts styles #936

Merged
merged 5 commits into from
Nov 28, 2024
Merged

[CFE-493] - Fix CSP unsafe scripts styles #936

merged 5 commits into from
Nov 28, 2024

Conversation

Aldemylla
Copy link
Collaborator

@Aldemylla Aldemylla commented Nov 28, 2024
edited
Loading

Description

Type of Change

    • Bugfix
    • Feature
    • Code style update (formatting, local variables)
    • Refactoring (no functional changes, no api changes)
    • Tests
    • Other

Motivation and Context

  • Remove configuration vulnerabilities in security headers.

Summary of Changes

  • Added nonce to scripts;
  • Removed stripe unused script;
  • Removed unsafe GoogleTagManager scripts.

@codecov-commenter
Copy link

Codecov Report

Attention: Patch coverage is 0% with 8 lines in your changes missing coverage. Please review.

Project coverage is 31.71%. Comparing base (1f0bf31) to head (b05ef5a).

Files with missing lines Patch % Lines
src/utils/plugins/WebChat.js 0.00% 5 Missing ⚠️
src/utils/transformIntoDraggableBubble.js 0.00% 2 Missing ⚠️
src/utils/plugins/Hotjar.js 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #936      +/-   ##
==========================================
- Coverage   31.72%   31.71%   -0.01%     
==========================================
  Files         175      175              
  Lines       20364    20370       +6     
  Branches      548      548              
==========================================
  Hits         6461     6461              
- Misses      13903    13909       +6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@Aldemylla Aldemylla merged commit 243add0 into main Nov 28, 2024
2 checks passed
@Aldemylla Aldemylla deleted the fix/csp-unsafe-scripts-styles branch November 28, 2024 21:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MarcusviniciusLsantos MarcusviniciusLsantos MarcusviniciusLsantos approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Aldemylla @codecov-commenter @MarcusviniciusLsantos