Files

Return to Package Diff Home.
Brought to you by Intrinsic.

Package Diff: @forge/csp @ 0.1.0 .. 0.1.1

CHANGELOG.md

@@ -1,5 +1,17 @@
# @forge/csp
+## 0.1.1
+
+### Patch Changes
+
+- 69064a4: Add secure.gravatar.com to img-src
+
+## 0.1.1-next.0
+
+### Patch Changes
+
+- 69064a4: Add secure.gravatar.com to img-src
+
## 0.1.0
### Minor Changes

out/csp-injection-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"csp-injection-service.d.ts","sourceRoot":"","sources":["../src/csp-injection-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAQ1C,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,eAAe;IAMvB,OAAO,CAAC,iBAAiB;IAKlB,gBAAgB,uBAAwB,UAAU,OAAO,iBAAiB,KAAG,MAAM,EAAE,CAkB1F;CACH"}
\ No newline at end of file
+{"version":3,"file":"csp-injection-service.d.ts","sourceRoot":"","sources":["../src/csp-injection-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAS1C,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,eAAe;IAMvB,OAAO,CAAC,iBAAiB;IAKlB,gBAAgB,uBAAwB,UAAU,OAAO,iBAAiB,KAAG,MAAM,EAAE,CAkB1F;CACH"}
\ No newline at end of file

out/csp-injection-service.js

@@ -6,12 +6,13 @@
stg: ['https://avatar-management--avatars.us-west-2.staging.public.atl-paas.net'],
prod: ['https://avatar-management--avatars.us-west-2.prod.public.atl-paas.net']
};
+const gravatarUrl = 'https://secure.gravatar.com';
class CSPInjectionService {
constructor() {
this.getInjectableCSP = (existingCspDetails, env) => {
const reportUri = this.getCSPReportUri(env);
const defaultSrc = `'self'`;
- const imgSrc = ["'self'", 'data:', 'blob:', ...avatarCdnHosts[env]].join(' ');
+ const imgSrc = ["'self'", 'data:', 'blob:', gravatarUrl, ...avatarCdnHosts[env]].join(' ');
const mediaSrc = ["'self'", 'data:', 'blob:'].join(' ');
const scriptSrc = ["'self'", this.getForgeGlobalCSP(env), ...existingCspDetails['script-src']].join(' ');
const styleSrc = ["'self'", ...existingCspDetails['style-src']].join(' ');

package.json

@@ -1,6 +1,6 @@
{
"name": "@forge/csp",
- "version": "0.1.0",
+ "version": "0.1.1",
"description": "Contains the CSP configuration for Custom UI resources in Forge",
"main": "out/index.js",
"author": "Atlassian",
@@ -11,7 +11,7 @@
"clean": "rm -rf ./out && rm -f tsconfig.tsbuildinfo"
},
"devDependencies": {
- "@forge/cli-shared": "^0.13.0",
+ "@forge/cli-shared": "^0.14.0",
"@types/jest": "^26.0.0"
},
"dependencies": {