fix: add controller to 'CSP connect-src' if present (#217)
rentallect authored Aug 6, 2024
1 parent 085a1c7 commit 6eb75e0
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion src/ZitiFirstStrategy.ts
Expand Up @@ -180,6 +180,11 @@ class ZitiFirstStrategy extends CacheFirst /* NetworkFirst */ {
let origCSP = this.parseCSP(val);
this.logger.trace( `generateNewCSP() origCSP: `, origCSP);

let idpURL = new URL(this._zitiBrowzerServiceWorkerGlobalScope._zitiConfig.idp.host);
let idpHost = idpURL.host;
let controllerURL = new URL(this._zitiBrowzerServiceWorkerGlobalScope._zitiConfig.controller.api);
let controllerHost = controllerURL.host;

if (origCSP['default-src']) {
origCSP['default-src'].push(`https://*.netfoundry.io:*`);
origCSP['default-src'].push(`https://*.cloudziti.io`);
Expand All @@ -203,10 +208,13 @@ class ZitiFirstStrategy extends CacheFirst /* NetworkFirst */ {
}

if (origCSP['connect-src']) {
origCSP['connect-src'].push(`${this._zitiBrowzerServiceWorkerGlobalScope._zitiConfig.idp.host}`);
origCSP['connect-src'].push(`${idpHost}`);
origCSP['connect-src'].push(`${this._zitiBrowzerServiceWorkerGlobalScope._zitiConfig.browzer.bootstrapper.self.host}`);
origCSP['connect-src'].push(`${controllerHost}`);
origCSP['connect-src'].push(`https://*.netfoundry.io:*`);
origCSP['connect-src'].push(`https://*.cloudziti.io`);
origCSP['connect-src'].push(`wss://*.netfoundry.io:*`);
origCSP['connect-src'].push(`wss://localhost:*`);
if (!origCSP['connect-src'].includes("data:")) {
origCSP['connect-src'].push("data:");
}
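Review bot: The two `new URL(...)` calls added near the top of the first hunk are unguarded and sit outside the `if (origCSP['connect-src'])` branch, so a missing, malformed or relative `controller.api` or `idp.host` value throws a TypeError on every CSP rewrite, including responses that carry no `connect-src` at all. Before this change `idp.host` was only interpolated as a string inside that branch, so this is a new failure mode; what a throw here does to the response depends on the caller, which is outside the section. A value that has no scheme but does have a port may also parse without error into an empty `host`, which would push an empty token into the directive. I would parse defensively and skip the push when no host comes out, as sketched below; the body of the enclosing method starts and ends outside the visible hunks.

```typescript
// … unchanged: parseCSP call and trace logging …
const zitiConfig = this._zitiBrowzerServiceWorkerGlobalScope._zitiConfig;
const hostOf = (raw: string | undefined): string | undefined => {
  try {
    // An empty host means the value did not parse as an absolute URL with an authority.
    return raw ? new URL(raw).host || undefined : undefined;
  } catch {
    // Malformed config value: leave the directive untouched instead of aborting the rewrite.
    return undefined;
  }
};
const idpHost = hostOf(zitiConfig.idp?.host);
const controllerHost = hostOf(zitiConfig.controller?.api);
// … unchanged: default-src and the directives between the two hunks …
if (origCSP['connect-src']) {
  if (idpHost) origCSP['connect-src'].push(idpHost);
  // … unchanged: bootstrapper host push …
  if (controllerHost) origCSP['connect-src'].push(controllerHost);
  // … unchanged: wildcard and data: sources …
```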