zot/.zap at 07bfc8ab9568b873aa97edf309079781dae4b627 - Infrastructure/zot

mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00

History

Andrei Aaron e63faa8898 fix(csp): upgrade UI and fix zap failure (#1372 ) The zap scanner started to check the csp header, which is causing a warning. We also need to ignore the rule, as both settings are read by the scanner. Per https://w3c.github.io/webappsec-csp/#example-7bb4ce67 we can have multiple Content-Security-Policy headers, and the most restrictive policies apply. This rule doesn't seem to be applied by zap. Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2023-04-13 13:48:09 -07:00
..
rules.tsv	fix(csp): upgrade UI and fix zap failure (#1372 )	2023-04-13 13:48:09 -07:00

fix(csp): upgrade UI and fix zap failure (#1372 )

The zap scanner started to check the csp header, which is causing a warning.

We also need to ignore the rule, as both settings are read by the scanner.

Per https://w3c.github.io/webappsec-csp/#example-7bb4ce67 we can have multiple
Content-Security-Policy headers, and the most restrictive policies apply.
This rule doesn't seem to be applied by zap.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

2023-04-13 13:48:09 -07:00

rules.tsv

fix(csp): upgrade UI and fix zap failure (#1372 )

2023-04-13 13:48:09 -07:00