Skip to content

A couple more CSP enhancements#2530

Merged
labkey-tchad merged 6 commits intorelease25.7-SNAPSHOTfrom
fb_csp_issues
Jul 8, 2025
Merged

A couple more CSP enhancements#2530
labkey-tchad merged 6 commits intorelease25.7-SNAPSHOTfrom
fb_csp_issues

Conversation

@labkey-tchad
Copy link
Member

@labkey-tchad labkey-tchad commented Jul 2, 2025

Rationale

Add test coverage for CSP enhancements

Related Pull Requests

Changes

  • Configure object-src for Knitr tests and remove exclusion from CspLogUtil
  • Add regression test for script nonce in report webpart (AbstractKnitrReportTest)
  • Remove redundant methods from PortalHelper
  • Move some methods from WikiHelper to wiki.EditPage

@labkey-tchad labkey-tchad requested review from a team, labkey-adam and labkey-danield and removed request for a team July 2, 2025 22:03
@labkey-tchad labkey-tchad mentioned this pull request Jul 2, 2025
Merged
3 tasks
labkey-adam
labkey-adam approved these changes Jul 3, 2025
View reviewed changes
src/org/labkey/test/tests/AbstractKnitrReportTest.java
public void testEmbeddedReportNonce()
{
CspConfigHelper.debugCspWarnings();
new CspConfigHelper(this).setEnforceCsp(false);
Copy link
Contributor

@labkey-adam labkey-adam Jul 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So we're still disabling the enforce CSP and checking for logged warnings?

Copy link
Member Author

@labkey-tchad labkey-tchad Jul 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suppose we don't have to now that you mention it.
I'll remove these in a separate PR after this is merged. I don't want to touch this branch since it is merging to 25.7 but TeamCity is running it against develop.

@labkey-tchad labkey-tchad changed the base branch from develop to release25.7-SNAPSHOT July 3, 2025 22:34
@labkey-tchad labkey-tchad merged commit 77aea55 into release25.7-SNAPSHOT Jul 8, 2025
9 checks passed
@labkey-tchad labkey-tchad deleted the fb_csp_issues branch July 8, 2025 17:04
This was referenced Jul 9, 2025
Merged
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@labkey-adam labkey-adam labkey-adam approved these changes

@labkey-danield labkey-danield Awaiting requested review from labkey-danield labkey-danield was automatically assigned from LabKey/core-test

+1 more reviewer

@labkey-chrisj labkey-chrisj labkey-chrisj approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@labkey-tchad @labkey-adam @labkey-chrisj