Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

plugin/clnrest: security improvements #6686

Merged
merged 11 commits into from
Sep 19, 2023
Merged

plugin/clnrest: security improvements #6686

merged 11 commits into from
Sep 19, 2023

Conversation

ShahanaFarooqui
Copy link
Collaborator

@ShahanaFarooqui ShahanaFarooqui commented Sep 15, 2023
edited
Loading

  • Generating three certs (CA, client and server) if they do not exist already
  • Added rune authentication for websocket server as well
  • Added two new clnrest config options for CORS and CSP headers

Changelog-Fixed: clnrest Certificate generation
Changelog-Fixed: Added rune validations for websocket notifications
Changelog-Added: New configurable Content-Security-Policy (CSP) header for clnrest
Changelog-Added: New configurable Cross-Origin-Resource-Sharing(CSP) header for clnrest

@ShahanaFarooqui
plugins/clnrest: Generate all three certs if missing
8edb1ef 
Generate client, server and CA certs for https and trusted CA update
@ShahanaFarooqui ShahanaFarooqui linked an issue Sep 15, 2023 that may be closed by this pull request
Plugin clnrest improvements #6436
Closed
@ShahanaFarooqui
plugins/clnrest: Rune authentication for websocket server
65d0d38
@ShahanaFarooqui
plugins/clnrest: Updated websocket client examples
a226db8 
- Updated javascript and python client examples with rune auth
- Added new html (browser based) client example with rune auth
@ShahanaFarooqui
plugins/clnrest: Add CORS library
a82463a
@ShahanaFarooqui
plugins/clnrest: Add rest-cors-origins option for config
1861aa7
@ShahanaFarooqui
plugins/clnrest: Update App server to dynamically add CORS settings
3aa0cf8
@ShahanaFarooqui
docs: Update documents with rest-cors-origins option
0fdd979
@ShahanaFarooqui
plugins/clnrest: Update Websocket server to dynamically add CORS sett…
a5938a7 
…ings

Changelog-Added: New configurable Cross-Origin-Resource-Sharing(CSP) header for clnrest
@ShahanaFarooqui
plugins/clnrest: Add rest-csp option for config
0c0132a
@ShahanaFarooqui
plugins/clnrest: Update content security policy for server
4892647
@ShahanaFarooqui
docs: Update documents with rest-csp option
014fbf4 
Changelog-Added: New configurable Content-Security-Policy (CSP) header for clnrest
@ShahanaFarooqui ShahanaFarooqui added this to the v23.11 milestone Sep 18, 2023
rustyrussell
rustyrussell approved these changes Sep 19, 2023
View reviewed changes
Copy link
Contributor

@rustyrussell rustyrussell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ack 014fbf4

@rustyrussell rustyrussell merged commit 1a18f61 into ElementsProject:master Sep 19, 2023
39 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rustyrussell rustyrussell rustyrussell approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v23.11
Development

Successfully merging this pull request may close these issues.

Plugin clnrest improvements
2 participants
@ShahanaFarooqui @rustyrussell