mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-05 19:59:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

feat: add CSP and other security related headers in the oCIS proxy service (#8777)

Browse Source 
* feat: add CSP and other security related headers in the oCIS proxy service

* fix: consolidate security related headers - drop middleware.Secure

* fix: use github.com/DeepDiver1975/secure

* fix: acceptance tests

* feat: support env var replacements in csp.yaml
This commit is contained in:
Thomas Müller
2024-04-26 09:10:35 +02:00
committed by GitHub
parent d3415a8c92
commit bdbba929d0
47 changed files with 2357 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
services/proxy/pkg/command/server.go
View File

@@ -300,6 +300,11 @@ func loadMiddlewares(ctx context.Context, logger log.Logger, cfg *config.Config,
Now: time.Now,
})
cspConfig, err := middleware.LoadCSPConfig(cfg)
if err != nil {
logger.Fatal().Err(err).Msg("Failed to load CSP configuration.")
}
return alice.New(
// first make sure we log all requests and redirect to https if necessary
otelhttp.NewMiddleware("proxy",
@@ -315,6 +320,7 @@ func loadMiddlewares(ctx context.Context, logger log.Logger, cfg *config.Config,
chimiddleware.RequestID,
middleware.AccessLog(logger),
middleware.HTTPSRedirect,
middleware.Security(cspConfig),
router.Middleware(cfg.PolicySelector, cfg.Policies, logger),
middleware.Authentication(
authenticators,