config: report CSP violations to report-uri
This commit is contained in:
parent
0b2775a1a6
commit
6fa52e8a5a
3 changed files with 6 additions and 0 deletions
|
@ -93,6 +93,9 @@ DS_ENV="staging"
|
||||||
# External service: Matomo web analytics
|
# External service: Matomo web analytics
|
||||||
MATOMO_IFRAME_URL="https://matomo.example.org/index.php?module=CoreAdminHome&action=optOut&language=fr&&fontColor=333333&fontSize=16px&fontFamily=Muli"
|
MATOMO_IFRAME_URL="https://matomo.example.org/index.php?module=CoreAdminHome&action=optOut&language=fr&&fontColor=333333&fontSize=16px&fontFamily=Muli"
|
||||||
|
|
||||||
|
# An URI used to report requests breaking the Content Security Policy
|
||||||
|
# CSP_REPORT_URI="https://myappname.report-uri.com/r/d/csp/reportOnly"
|
||||||
|
|
||||||
# Instance provider
|
# Instance provider
|
||||||
# PROVIDED_BY="la DINUM"
|
# PROVIDED_BY="la DINUM"
|
||||||
# PROVIDER_NAME="DINUM"
|
# PROVIDER_NAME="DINUM"
|
||||||
|
|
|
@ -47,5 +47,6 @@ FAQ_ERREUR_SIRET_URL = [FAQ_URL, "article", "4-erreur-siret"].join("/")
|
||||||
STATUS_PAGE_URL = ENV.fetch("STATUS_PAGE_URL", "https://status.demarches-simplifiees.fr")
|
STATUS_PAGE_URL = ENV.fetch("STATUS_PAGE_URL", "https://status.demarches-simplifiees.fr")
|
||||||
DEMANDE_INSCRIPTION_ADMIN_PAGE_URL = ENV.fetch("DEMANDE_INSCRIPTION_ADMIN_PAGE_URL", "https://www.demarches-simplifiees.fr/commencer/demande-d-inscription-a-demarches-simplifiees")
|
DEMANDE_INSCRIPTION_ADMIN_PAGE_URL = ENV.fetch("DEMANDE_INSCRIPTION_ADMIN_PAGE_URL", "https://www.demarches-simplifiees.fr/commencer/demande-d-inscription-a-demarches-simplifiees")
|
||||||
MATOMO_IFRAME_URL = ENV.fetch("MATOMO_IFRAME_URL", "https://#{ENV.fetch('MATOMO_HOST', 'stats.data.gouv.fr')}/index.php?module=CoreAdminHome&action=optOut&language=fr&&fontColor=333333&fontSize=16px&fontFamily=Muli")
|
MATOMO_IFRAME_URL = ENV.fetch("MATOMO_IFRAME_URL", "https://#{ENV.fetch('MATOMO_HOST', 'stats.data.gouv.fr')}/index.php?module=CoreAdminHome&action=optOut&language=fr&&fontColor=333333&fontSize=16px&fontFamily=Muli")
|
||||||
|
CSP_REPORT_URI = ENV.fetch("CSP_REPORT_URI", "")
|
||||||
|
|
||||||
# rubocop:enable DS/ApplicationName
|
# rubocop:enable DS/ApplicationName
|
||||||
|
|
|
@ -42,6 +42,8 @@ Rails.application.config.content_security_policy do |policy|
|
||||||
policy.report_uri "http://#{ENV.fetch('APP_HOST')}/csp/"
|
policy.report_uri "http://#{ENV.fetch('APP_HOST')}/csp/"
|
||||||
# En développement, quand bin/webpack-dev-server est utilisé, on autorise les requêtes faites par le live-reload
|
# En développement, quand bin/webpack-dev-server est utilisé, on autorise les requêtes faites par le live-reload
|
||||||
policy.connect_src(*policy.connect_src, "ws://localhost:3035", "http://localhost:3035")
|
policy.connect_src(*policy.connect_src, "ws://localhost:3035", "http://localhost:3035")
|
||||||
|
else
|
||||||
|
policy.report_uri CSP_REPORT_URI if CSP_REPORT_URI.present?
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue