authelia

Commit Graph

Author	SHA1	Message	Date
Amir Zarrinkafsh	54694c4fca	[MISC] Ignore errcheck recommendations for legacy code (#893 ) * [MISC] Ignore errcheck recommendations for legacy code Some of this is likely intended to stay how it is, some could use refactoring, for now we will mark is and ignore it from the linter to be potentially addressed in the future. * [MISC] Ensure files are gofmt-ed	2020-04-22 13:33:14 +10:00
Clément Michaud	b12d9d405f	[FEATURE] Add Content-Security-Policy meta to login portal. (#822 ) CSP is used to avoid some attacks where the hacker tries to execute untrusted code in the browser. The policy is to use assets hosted on the the original website and in order to make CSP work with material UI, a nonce is generated at each request of index.html and injected in the template as well as provided in the Content-Security-Policy header (https://material-ui.com/styles/advanced/#how-does-one-implement-csp) Fix #815	2020-04-21 10:23:28 +10:00

Author

SHA1

Message

Date

Amir Zarrinkafsh

54694c4fca

[MISC] Ignore errcheck recommendations for legacy code (#893 )

* [MISC] Ignore errcheck recommendations for legacy code
Some of this is likely intended to stay how it is, some could use refactoring, for now we will mark is and ignore it from the linter to be potentially addressed in the future.

* [MISC] Ensure files are gofmt-ed

2020-04-22 13:33:14 +10:00

Clément Michaud

b12d9d405f

[FEATURE] Add Content-Security-Policy meta to login portal. (#822 )

CSP is used to avoid some attacks where the hacker tries to execute
untrusted code in the browser.

The policy is to use assets hosted on the the original website and in order to make CSP work with material UI, a nonce is generated at each request of index.html and injected in the template as well as provided in the Content-Security-Policy header (https://material-ui.com/styles/advanced/#how-does-one-implement-csp)

Fix #815

2020-04-21 10:23:28 +10:00

2 Commits (ff2df8b0396fcfbdd5486ed06095d5de3cc2c286)