search

dertinfo / dertinfo-app

An Azure Static Web App wrapping an Angular client for capturing scores and score sheet images. It also feeds back results and sheets to groups and group members
https://app.dertinfo.co.uk
GNU General Public License v3.0
0 stars 0 forks source link

Move permitted domains to configuration. #4

Open davidsmonkeys opened 3 months ago

davidsmonkeys commented 3 months ago

In the file app.module.ts it specifies the allowed domains that when called the application will send the token so in order that we don't send active tokens to third parties.

However it is noted that the list is in this file twice and should be extracted to configuration so that management of it needs only be in one location and that should be in the config of the application.

We should also look to see if both locations where the list is used is required.

note - this task does not include the changes to make the allowed domains environment specific. Moving then from being hard coded to configuration is a precursor to setting them up in the pipelines.

davidsmonkeys commented 2 months ago

We have partially completed this in the app and this issue might be able to be closed as there is a limit as to what can be done from the project. We need to update the allowed domains through configuration which we do in the codespace however we still have staging and production urls in the codebase which needs to be extracted and handled with pipelines.

The PR where the configuration was adjusted is here: https://github.com/dertinfo/dertinfo-app/pull/14