Closed darkmsph1t closed 6 years ago
So, today the short questionnaire will extrapolate the whitelist from the content security policy. If no CSP is defined, it is assumed that the entire site is same-origin
so no whitelist is necessary. Will extend this functionality to the long-form questionnaire as well, but believe this is a valid solution for now
Is your feature request related to a problem? Please describe. Currently users have to specify CORS whitelist items in an editor which basically takes the user out of the questionnaire. Not all users have this whitelist already made, so being able to spec it on the fly ensures that secure configuration of the application is complete.
Describe the solution you'd like It would be good if there was a function, method or middleware inside
question.js
that could continuously prompt/poll the user until they hit an ending point (presumably 'done')Why does this feature belong in _spartan? Building a whitelist is required for full application functionality (e.g. cors won't be fully operational until the user builds a whitelist)
Describe alternatives you've considered The application will already allow specification of the whitelist outside of the question.js flow by pointing to a flat file which exists on a disk. Assuming that the file is appropriately formatted, it will also do the job.
Additional context Add any other context or screenshots about the feature request here.