Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Apply CSPs to generic hook responses. #926

Merged
merged 3 commits into from
Apr 16, 2024
Merged

Apply CSPs to generic hook responses. #926

merged 3 commits into from
Apr 16, 2024

Conversation

Half-Shot
Copy link
Contributor

A generic hook could potentially return a valid HTML document provided both enableHttpGet and JS functions are enabled. This isn't bad in itself but being able to execute JS is not really a useful feature.

@Half-Shot Half-Shot requested a review from a team as a code owner April 16, 2024 12:49
@Half-Shot Half-Shot requested a review from a team April 16, 2024 12:49
davidegirardi
davidegirardi suggested changes Apr 16, 2024
View reviewed changes
src/generic/Router.ts Outdated Show resolved Hide resolved
src/generic/Router.ts Outdated Show resolved Hide resolved
@Half-Shot @davidegirardi
Apply suggestions from code review
b59f1c5 
Co-authored-by: davidegirardi <16451191+davidegirardi@users.noreply.github.com>
Signed-off-by: Will Hunt <github@half-shot.uk>
@Half-Shot Half-Shot requested a review from davidegirardi April 16, 2024 14:59
@Half-Shot Half-Shot added this pull request to the merge queue Apr 16, 2024
Merged via the queue into main with commit 45060f2 Apr 16, 2024
16 checks passed
@Half-Shot Half-Shot deleted the hs/apply-csps-to-generic-hooks branch April 16, 2024 21:12
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@davidegirardi davidegirardi Awaiting requested review from davidegirardi

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Half-Shot @davidegirardi