search

cds-snc / simplify-privacy-statements-V2

starter-app repo based version of privacy app.
https://simplify-privacy-statements.alpha.canada.ca
MIT License
5 stars 1 forks source link

Bug/csp fix #268

Closed omartehsin1 closed 1 year ago

omartehsin1 commented 1 year ago

Summary | Résumé

Updated CSP script src

github-actions[bot] commented 1 year ago

Production: cloudfront

✅   Terraform Format: success ✅   Terraform Plan: success ✅   Conftest: success

Plan: 0 to add, 1 to change, 0 to destroy
Show plan ```terraform Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # aws_cloudfront_response_headers_policy.simplify_privacy_app_headers_policy will be updated in-place ~ resource "aws_cloudfront_response_headers_policy" "simplify_privacy_app_headers_policy" { id = "15cb4030-2708-406b-a7ba-92df299a954d" name = "simplify-privacy-app-headers" # (1 unchanged attribute hidden) ~ security_headers_config { ~ content_security_policy { ~ content_security_policy = "script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://simplify-privacy-statements.alpha.canada.ca/dist/js/; default-src 'self'; base-uri 'none'; font-src 'self' https://fonts.gstatic.com/; img-src 'self' data: https://www.google-analytics.com; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline';" -> "script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://simplify-privacy-statements.alpha.canada.ca/dist/js/ https://edbi6zcop5ta2t5wb6hb5y6kja0rsajp.lambda-url.ca-central-1.on.aws/dist/js/*; default-src 'self'; base-uri 'none'; font-src 'self' https://fonts.gstatic.com/; img-src 'self' data: https://www.google-analytics.com; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline';" # (1 unchanged attribute hidden) } # (5 unchanged blocks hidden) } } Plan: 0 to add, 1 to change, 0 to destroy. Warning: Argument is deprecated with module.log_bucket.aws_s3_bucket.this, on .terraform/modules/log_bucket/S3_log_bucket/main.tf line 8, in resource "aws_s3_bucket" "this": 8: resource "aws_s3_bucket" "this" { Use the aws_s3_bucket_server_side_encryption_configuration resource instead (and 3 more similar warnings elsewhere) ───────────────────────────────────────────────────────────────────────────── Saved the plan to: plan.tfplan To perform exactly these actions, run the following command to apply: terraform apply "plan.tfplan" ```
Show Conftest results ```sh 18 tests, 18 passed, 0 warnings, 0 failures, 0 exceptions ```