codecov[bot]
commented
7 months ago Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Comparison is base (
8c4e573) 79.37% compared to head (6b85894) 79.40%. Report is 11 commits behind head on main.
Additional details and impacted files
```diff @@ Coverage Diff @@ ## main #1044 +/- ## ========================================== + Coverage 79.37% 79.40% +0.03% ========================================== Files 21 21 Lines 1275 1277 +2 Branches 189 189 ========================================== + Hits 1012 1014 +2 Misses 263 263 ```:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
araujoarthur0
tupaschoal
Related issue
Closes #1038
Context / Background
App was giving out security warnings on the JS console when fired, up as shown here:
What change is being introduced by this PR?
As far as I understood from electron documentation, the Content Security Policy (CSP) when defined prevents a malicious user from modifying/injecting stuff into our script calls. For when we have inline scripts, we could either use
unsafe-inline, which would defeat the purpose of the CSP,nonceor ahash. When setting the CSP to just self, it would complain and already give the hash of the inline scripts, so I just used those hashes to not restrict it instead. If we ever change those inline scripts we'll need to update the hash, but I think that is ok.How will this be tested?
The warnings are gone, I don't really think this was a big problem for us, but at least