Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(FR-462): inject nonce in antd's ConfigProvider #3099

Open
wants to merge 1 commit into
base: feature/convert-inline-styles-to-class
Choose a base branch
from
Open

feat(FR-462): inject nonce in antd's ConfigProvider #3099

wants to merge 1 commit into from
+3 −1

Conversation

agatha197
Copy link
Contributor

@agatha197 agatha197 commented Feb 5, 2025
edited
Loading

resolves #3098 (FR-462)
related with lablup/backend.ai#3585

Added CSP nonce support to the AntD ConfigProvider to enable Content Security Policy compatibility in the React application. This allows the application to properly handle style injection when CSP is enabled. The webserver will replace the '{{nonce}}' string with proper nonce value.

Checklist:

  • Documentation
  • Test case(s) to demonstrate the difference of before/after

@github-actions github-actions bot added the size:XS ~10 LoC label Feb 5, 2025
@agatha197 Graphite App
Copy link
Contributor Author

agatha197 commented Feb 5, 2025
edited
Loading

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

  • flow:merge-queue - adds this PR to the back of the merge queue
  • flow:hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has required the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

@agatha197 agatha197 mentioned this pull request Feb 5, 2025
Draft
5 tasks
@agatha197 agatha197 force-pushed the feature/convert-inline-styles-to-class branch from 4d1c649 to 7968762 Compare February 5, 2025 05:34
@agatha197 agatha197 force-pushed the feat/inject-nonce-to-react-components branch from b9fe8ed to 325073c Compare February 5, 2025 05:35
HyeockJinKim
HyeockJinKim reviewed Feb 6, 2025
View reviewed changes
react/src/components/DefaultProviders.tsx Outdated
@@ -327,6 +327,7 @@ export const DefaultProvidersForReactRoot: React.FC<
? theme.darkAlgorithm
: theme.defaultAlgorithm,
}}
csp={{ nonce: '{{nonce}}' }}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I remember there was a discussion about separating the variable that receives the {{nonce}} value and referencing that variable in other locations.

@agatha197 agatha197 force-pushed the feature/convert-inline-styles-to-class branch from 7968762 to 0265490 Compare February 12, 2025 07:02
@agatha197 agatha197 force-pushed the feat/inject-nonce-to-react-components branch from 325073c to 5e7e75f Compare February 12, 2025 07:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yomybaby yomybaby Awaiting requested review from yomybaby

@HyeockJinKim HyeockJinKim Awaiting requested review from HyeockJinKim

Assignees

@agatha197 agatha197

Labels
size:XS ~10 LoC
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@agatha197 @HyeockJinKim