Adding content security header reporting directive - Githubissues

cds-snc / resources-ressources

Learning Resources / Ressources d'apprentissage

MIT License

3 stars 1 forks source link

Adding content security header reporting directive #274

Closed sylviamclaughlin closed 2 years ago

sylviamclaughlin commented 2 years ago

Adding content security header reporting directive to generate a report to the CDS CSP Failures app. The url of the service is https://csp-reports.security.cdssandbox.xyz/

🔗 Linked issue

This is linked to github issue #201

❓ Type of change

[ ] 📖 Documentation (updates to the documentation or readme)
[ ] 🐞 Bug fix (a non-breaking change that fixes an issue)
[ ] 👌 Enhancement (improving an existing functionality like performance)
[x] ✨ New feature (a non-breaking change that adds functionality)
[ ] ⚠️ Breaking change (fix or feature that would cause existing functionality to change)

📚 Description

Modified the customHttp.yml file to add the line report-uri https://csp-report-to.security.cdssandbox.xyz/report so that CSP failures will be flagged in the CDS CSP reports website.

📝 Checklist

[x] I have linked an issue or discussion.
[ ] I have updated the documentation accordingly.

aws-amplify-ca-central-1[bot] commented 2 years ago

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-274.d3eik05156ec7t.amplifyapp.com