hendrik/lens
1
0
Fork 0
mirror of https://github.com/lensapp/lens.git synced 2025-05-20 05:10:56 +00:00
Code Issues Projects Releases Wiki Activity

Enable csp on lens proxy (#5581)

Browse Source 
* enable csp on lens proxy

Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com>

* move csp default value to package.json

Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com>
This commit is contained in:
Jari Kolehmainen 2022-06-09 13:39:37 +03:00 committed by GitHub
parent 2b5d54e8d9
commit 240dfad167
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
package.json
View File

@ -49,7 +49,8 @@
"k8sProxyVersion": "0.2.1", "k8sProxyVersion": "0.2.1",
"bundledKubectlVersion": "1.23.3", "bundledKubectlVersion": "1.23.3",
"bundledHelmVersion": "3.7.2", "bundledHelmVersion": "3.7.2",
"sentryDsn": "" "sentryDsn": "",
"contentSecurityPolicy": "script-src 'unsafe-eval' 'self'; frame-src http://*.localhost:*/; img-src *"
}, },
"engines": { "engines": {
"node": ">=16 <17" "node": ">=16 <17"

1
src/common/vars.ts
View File

@ -143,3 +143,4 @@ export const appSemVer = new SemVer(packageInfo.version);
export const docsUrl = "https://docs.k8slens.dev/main/" as string; export const docsUrl = "https://docs.k8slens.dev/main/" as string;
export const sentryDsn = packageInfo.config?.sentryDsn ?? ""; export const sentryDsn = packageInfo.config?.sentryDsn ?? "";
export const contentSecurityPolicy = packageInfo.config?.contentSecurityPolicy ?? "";

6
src/main/lens-proxy/lens-proxy.ts
View File

@ -7,7 +7,7 @@ import net from "net";
import type http from "http"; import type http from "http";
import spdy from "spdy"; import spdy from "spdy";
import type httpProxy from "http-proxy"; import type httpProxy from "http-proxy";
import { apiPrefix, apiKubePrefix } from "../../common/vars"; import { apiPrefix, apiKubePrefix, contentSecurityPolicy } from "../../common/vars";
import type { Router } from "../router/router"; import type { Router } from "../router/router";
import type { ClusterContextHandler } from "../context-handler/context-handler"; import type { ClusterContextHandler } from "../context-handler/context-handler";
import logger from "../logger"; import logger from "../logger";
@ -239,6 +239,10 @@ export class LensProxy {
} }
} }
if (contentSecurityPolicy) {
res.setHeader("Content-Security-Policy", contentSecurityPolicy);
}
this.dependencies.router.route(cluster, req, res); this.dependencies.router.route(cluster, req, res);
} }
} }