Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add wildcard for cloudron CSP #13892

Merged
merged 2 commits into from
Dec 7, 2020
Merged

Add wildcard for cloudron CSP #13892

merged 2 commits into from
Dec 7, 2020

Conversation

jolheiser
Copy link
Member

@jolheiser jolheiser commented Dec 7, 2020
edited

Ughhh, https://cloudron.io/img/button.svg redirects to https://www.cloudron.io/img/button.svg, so it's still busted. 😓

As far as I understand CSP directives, this PR should work for both.

@jolheiser
Wildcard cloudron
ac8add3 
Signed-off-by: jolheiser <john.olheiser@gmail.com>
@jolheiser jolheiser added type/docs This PR mainly updates/creates documentation skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. labels Dec 7, 2020
@silverwind
Copy link
Member

I think you may need both. From spec:

Hosts such as example.com (which matches any resource on the host, regardless of scheme) or *.example.com (which matches any resource on the host’s subdomains (and any of its subdomains' subdomains, and so on))

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Dec 7, 2020
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Dec 7, 2020
@jolheiser
Just use FQDN
2b89c38 
Signed-off-by: jolheiser <john.olheiser@gmail.com>
@jolheiser
Copy link
Member Author

Alright, instead I just changed the docs to point to https://www.cloudron.io and updated the CSP for the same.

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Dec 7, 2020
@silverwind
Copy link
Member

silverwind commented Dec 7, 2020
edited

Could as well embed the SVG I guess if the markdown renderer allows it, but I'm fine with it either way.

@codecov-io
Copy link

Codecov Report

Merging #13892 (2b89c38) into master (991ab89) will increase coverage by 0.06%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##           master   #13892      +/-   ##
==========================================
+ Coverage   42.16%   42.22%   +0.06%     
==========================================
  Files         708      708              
  Lines       77191    77191              
==========================================
+ Hits        32547    32594      +47     
+ Misses      39301    39237      -64     
- Partials     5343     5360      +17
Impacted Files Coverage Δ
modules/indexer/stats/queue.go 64.70% <0.00%> (-11.77%) ⬇️
modules/indexer/stats/db.go 43.47% <0.00%> (-8.70%) ⬇️
modules/git/utils.go 73.77% <0.00%> (-3.28%) ⬇️
modules/process/manager.go 72.50% <0.00%> (-2.50%) ⬇️
models/repo_list.go 78.57% <0.00%> (-0.90%) ⬇️
modules/git/repo.go 45.72% <0.00%> (-0.51%) ⬇️
services/pull/pull.go 40.19% <0.00%> (-0.50%) ⬇️
models/error.go 38.66% <0.00%> (-0.49%) ⬇️
models/gpg_key.go 53.90% <0.00%> (+0.57%) ⬆️
modules/git/blame.go 67.14% <0.00%> (+1.42%) ⬆️
... and 4 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 991ab89...2b89c38. Read the comment docs.

@jolheiser jolheiser merged commit a33db35 into go-gitea:master Dec 7, 2020
@jolheiser jolheiser deleted the cloudron branch December 7, 2020 22:17
@go-gitea go-gitea locked and limited conversation to collaborators Jan 18, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@silverwind silverwind silverwind approved these changes

@lafriks lafriks lafriks approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. type/docs This PR mainly updates/creates documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@jolheiser @silverwind @codecov-io @lafriks @GiteaBot