npm package diff
Package: @forge/csp
Versions: 4.2.0 - 4.2.0-experimental-959d7b9
Modified: package/out/csp/csp-injection-service.js
Index: package/out/csp/csp-injection-service.js
===================================================================
--- package/out/csp/csp-injection-service.js
+++ package/out/csp/csp-injection-service.js
@@ -1,67 +1,70 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.CSPInjectionService = exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS = exports.getAtlassianImageHost = void 0;
const types_1 = require("../types");
+const isICEnvKey = (env) => env === 'ic-prod' || env === 'ic-stg';
+const getICDomain = (env, icLabel) => `${icLabel}.${env === 'ic-prod' ? 'atlassian-isolated.net' : 'oasis-stg.com'}`;
+const makeICHosts = (targetHostFunction) => {
+ return {
+ 'ic-stg': (icOptions) => targetHostFunction('ic-stg', icOptions),
+ 'ic-prod': (icOptions) => targetHostFunction('ic-prod', icOptions)
+ };
+};
const ATLASSIAN_HOST = {
ATLASSIAN_API_GATEWAY_HOST: {
dev: 'https://api.dev.atlassian.com',
stg: 'https://api.stg.atlassian.com',
prod: 'https://api.atlassian.com',
'fedramp-stg': 'https://api.stg.atlassian-us-gov-mod.com',
'fedramp-prod': 'https://api.atlassian-us-gov-mod.com',
- 'ic-stg': (_icOptions) => 'https://api.pear.oasis-stg.com',
- 'ic-prod': ({ icLabel }) => `https://api.${icLabel}.atlassian-isolated.net`
+ ...makeICHosts((env, { icLabel }) => `https://api.${getICDomain(env, icLabel)}`)
},
ATLASSIAN_MEDIA_GATEWAY_HOST: {
dev: 'https://media.dev.atl-paas.net',
stg: 'https://media.staging.atl-paas.net',
prod: 'https://api.media.atlassian.com',
'fedramp-stg': 'https://api-media.stg.atlassian-us-gov-mod.com',
'fedramp-prod': 'https://api-media.atlassian-us-gov-mod.com',
- 'ic-stg': (_icOptions) => 'https://media-api.pear.oasis-stg.com',
- 'ic-prod': ({ icLabel }) => `https://media-api.${icLabel}.atlassian-isolated.net`
+ ...makeICHosts((env, { icLabel }) => `https://media-api.${getICDomain(env, icLabel)}`)
},
ATLASSIAN_AVATAR_HOST: {
dev: 'avatar-management--avatars.us-west-2.staging.public.atl-paas.net',
stg: 'avatar-management--avatars.us-west-2.staging.public.atl-paas.net',
prod: 'avatar-management--avatars.us-west-2.prod.public.atl-paas.net',
'fedramp-stg': 'avatar-management--avatars.us-east-1.staging.cdn.atlassian-us-gov-mod.com',
'fedramp-prod': 'avatar-management--avatars.us-east-1.prod.cdn.atlassian-us-gov-mod.com',
'ic-stg': (_icOptions) => 'avatar-management--avatars.us-west-2.staging.public.atl-paas.net',
- 'ic-prod': ({ icLabel }) => 'avatar-management--avatars.us-west-2.prod.public.atl-paas.net'
+ 'ic-prod': (_icOptions) => 'avatar-management--avatars.us-west-2.prod.public.atl-paas.net'
},
ATLASSIAN_TEAM_HEADER_HOST: {
dev: 'https://ptc-directory-sited-static.us-east-1.staging.public.atl-paas.net/gradients/',
stg: 'https://ptc-directory-sited-static.us-east-1.staging.public.atl-paas.net/gradients/',
prod: 'https://ptc-directory-sited-static.us-east-1.prod.public.atl-paas.net/gradients/',
'fedramp-stg': 'https://teams-directory-frontend.frontend.cdn.atlassian-us-gov-mod.com/assets/',
'fedramp-prod': 'https://teams-directory-frontend.frontend.cdn.atlassian-us-gov-mod.com/assets/',
- 'ic-stg': (_icOptions) => 'https://teams-directory-frontend.services.pear.oasis-stg.com/bfa/',
- 'ic-prod': ({ icLabel }) => `https://teams-directory-frontend.services.${icLabel}.atlassian-isolated.net/bfa/`
+ ...makeICHosts((env, { icLabel }) => `https://teams-directory-frontend.services.${getICDomain(env, icLabel)}/bfa/`)
},
ATLASSIAN_TEAM_AVATAR_HOST: {
dev: 'https://teams-directory-frontend.stg-east.frontend.public.atl-paas.net/assets/',
stg: 'https://teams-directory-frontend.stg-east.frontend.public.atl-paas.net/assets/',
prod: 'https://teams-directory-frontend.prod-east.frontend.public.atl-paas.net/assets/',
'fedramp-stg': 'https://teams-directory-frontend.frontend.cdn.atlassian-us-gov-mod.com/assets/',
'fedramp-prod': 'https://teams-directory-frontend.frontend.cdn.atlassian-us-gov-mod.com/assets/',
- 'ic-stg': (_icOptions) => 'https://teams-directory-frontend.services.pear.oasis-stg.com/bfa/',
- 'ic-prod': ({ icLabel }) => `https://teams-directory-frontend.services.${icLabel}.atlassian-isolated.net/bfa/`
+ ...makeICHosts((env, { icLabel }) => `https://teams-directory-frontend.services.${getICDomain(env, icLabel)}/bfa/`)
},
ATLASSIAN_EMOJIS_HOST: {
dev: 'https://pf-emoji-service--cdn.ap-southeast-2.dev.public.atl-paas.net',
stg: 'https://pf-emoji-service--cdn.us-east-1.staging.public.atl-paas.net',
prod: 'https://pf-emoji-service--cdn.us-east-1.prod.public.atl-paas.net',
'fedramp-stg': 'https://pf-emoji-service--cdn.us-east-1.staging.cdn.atlassian-us-gov-mod.com',
'fedramp-prod': 'https://pf-emoji-service--cdn.us-east-1.prod.cdn.atlassian-us-gov-mod.com',
- 'ic-stg': (_icOptions) => 'https://pf-emoji-service.pear.oasis-stg.com',
- 'ic-prod': ({ icLabel }) => `https://pf-emoji-service.${icLabel}.atlassian-isolated.net`
+ ...makeICHosts((env, { icLabel }) => `https://pf-emoji-service.${getICDomain(env, icLabel)}`)
}
};
const getAtlassianHost = (hostType, microsEnv, icOptions) => {
const hostMap = ATLASSIAN_HOST[hostType];
- if (microsEnv === 'ic-prod' || microsEnv === 'ic-stg') {
+ if (isICEnvKey(microsEnv)) {
if (!icOptions) {
throw new Error('Missing IC label');
}
return hostMap[microsEnv](icOptions);
@@ -81,32 +84,25 @@
};
exports.getAtlassianImageHost = getAtlassianImageHost;
exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS = ['https://secure.gravatar.com', 'https://images.unsplash.com'];
class CSPInjectionService {
- isIsolatedContext(microsEnv, icOptions) {
- return microsEnv.startsWith('ic') && !!icOptions;
- }
getCSPReportUri(microsEnv, icOptions) {
- const serviceName = this.isIsolatedContext(microsEnv, icOptions) ? icOptions.serviceName : 'forge-cdn';
+ const serviceName = isICEnvKey(microsEnv) && icOptions ? icOptions.serviceName : 'forge-cdn';
if (microsEnv === 'dev' || microsEnv === 'stg')
return `https://web-security-reports.stg.services.atlassian.com/csp-report/${serviceName}`;
return `https://web-security-reports.services.atlassian.com/csp-report/${serviceName}`;
}
getForgeGlobalCSP(microsEnv, isFedRAMP = false, icOptions) {
- if (this.isIsolatedContext(microsEnv, icOptions)) {
- return microsEnv === 'ic-stg'
- ? 'https://forge.forge-cdn.pear.oasis-stg.com'
- : `https://forge.forge-cdn.${icOptions.icLabel}.atlassian-isolated.net`;
+ if (isICEnvKey(microsEnv) && icOptions) {
+ return `https://forge.forge-cdn.${getICDomain(microsEnv, icOptions.icLabel)}`;
}
return isFedRAMP
? `https://forge.cdn.${microsEnv.split('-')[1]}.atlassian-dev-us-gov-mod.net`
: `https://forge.cdn.${microsEnv}.atlassian-dev.net`;
}
getMetalClientCSP(microsEnv, icOptions) {
- if (this.isIsolatedContext(microsEnv, icOptions)) {
- return microsEnv === 'ic-stg'
- ? 'https://api.pear.oasis-stg/metal/ingest'
- : `https://api.${icOptions.icLabel}.atlassian-isolated.net/metal/ingest`;
+ if (isICEnvKey(microsEnv) && icOptions) {
+ return `https://api.${getICDomain(microsEnv, icOptions.icLabel)}/metal/ingest`;
}
return `https://api.${microsEnv === 'prod' ? '' : 'stg.'}atlassian.com/metal/ingest`;
}
getExistingCSPDetails(cspType, cspDetails) {
@@ -122,9 +118,9 @@
allowed.push(`${getAtlassianHost('ATLASSIAN_API_GATEWAY_HOST', microsEnv, icOptions)}/gateway/api/emoji/`);
allowed.push(getAtlassianHost('ATLASSIAN_MEDIA_GATEWAY_HOST', microsEnv, icOptions));
return allowed;
}
- getFrameAncestors(microsEnv, hostname) {
+ getFrameAncestors(microsEnv, hostname, icOptions) {
let frameAncestors = [];
switch (microsEnv) {
case 'dev':
case 'stg':
@@ -143,12 +139,12 @@
case 'fedramp-prod':
frameAncestors = ['*.atlassian-us-gov-mod.net'];
break;
case 'ic-stg':
- frameAncestors = ['*.oasis-stg.com'];
- break;
case 'ic-prod':
- frameAncestors = ['*.atlassian-isolated.net'];
+ if (icOptions) {
+ frameAncestors = [`*.${getICDomain(microsEnv, icOptions.icLabel)}`];
+ }
break;
case 'prod':
default:
frameAncestors = [
@@ -167,9 +163,9 @@
}
getInjectableCSP = ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname, isFedRAMP, icOptions }) => {
const reportUri = tunnelCSPReporterUri || this.getCSPReportUri(microsEnv, icOptions);
const defaultSrc = `'self'`;
- const frameAncestors = ["'self'", ...this.getFrameAncestors(microsEnv, hostname)].join(' ');
+ const frameAncestors = ["'self'", ...this.getFrameAncestors(microsEnv, hostname, icOptions)].join(' ');
const frameSrc = ["'self'", hostname, ...this.getExistingCSPDetails(types_1.ExternalCspType.FRAME_SRC, existingCSPDetails)]
.filter((a) => a)
.join(' ');
const fontSrc = ["'self'", ...this.getExistingCSPDetails(types_1.ExternalCspType.FONT_SRC, existingCSPDetails)].join(' ');Modified: package/package.json
Index: package/package.json
===================================================================
--- package/package.json
+++ package/package.json
@@ -1,7 +1,7 @@
{
"name": "@forge/csp",
- "version": "4.2.0",
+ "version": "4.2.0-experimental-959d7b9",
"description": "Contains the CSP configuration for Custom UI resources in Forge",
"main": "out/index.js",
"author": "Atlassian",
"license": "SEE LICENSE IN LICENSE.txt",Modified: package/out/csp/csp-injection-service.d.ts.map
Index: package/out/csp/csp-injection-service.d.ts.map
===================================================================
--- package/out/csp/csp-injection-service.d.ts.map
+++ package/out/csp/csp-injection-service.d.ts.map
@@ -1,1 +1,1 @@
-{"version":3,"file":"csp-injection-service.d.ts","sourceRoot":"","sources":["../../src/csp/csp-injection-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,EAAE,UAAU,EAAmB,MAAM,UAAU,CAAC;AAEvD,aAAK,SAAS,GAAG;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AA6FF,eAAO,MAAM,qBAAqB,cAAe,iBAAiB,cAAc,SAAS,KAAG,MAAM,EAUjG,CAAC;AAMF,eAAO,MAAM,kCAAkC,UAAiE,CAAC;AAEjH,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,iBAAiB;IAIzB,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,iBAAiB;IAWzB,OAAO,CAAC,iBAAiB;IAWzB,OAAO,CAAC,qBAAqB;IAI7B,OAAO,CAAC,aAAa;IAqBrB,OAAO,CAAC,iBAAiB;IAiDlB,gBAAgB;4BAQD,UAAU;mBACnB,iBAAiB;;;;;UAK1B,MAAM,EAAE,CA8DV;CACH"}
\ No newline at end of file
+{"version":3,"file":"csp-injection-service.d.ts","sourceRoot":"","sources":["../../src/csp/csp-injection-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,EAAE,UAAU,EAAmB,MAAM,UAAU,CAAC;AAEvD,aAAK,SAAS,GAAG;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAiGF,eAAO,MAAM,qBAAqB,cAAe,iBAAiB,cAAc,SAAS,KAAG,MAAM,EAUjG,CAAC;AAMF,eAAO,MAAM,kCAAkC,UAAiE,CAAC;AAEjH,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,iBAAiB;IASzB,OAAO,CAAC,iBAAiB;IASzB,OAAO,CAAC,qBAAqB;IAI7B,OAAO,CAAC,aAAa;IAqBrB,OAAO,CAAC,iBAAiB;IAiDlB,gBAAgB;4BAQD,UAAU;mBACnB,iBAAiB;;;;;UAK1B,MAAM,EAAE,CA8DV;CACH"}
\ No newline at end of fileModified: package/CHANGELOG.md
Index: package/CHANGELOG.md
===================================================================
--- package/CHANGELOG.md
+++ package/CHANGELOG.md
@@ -1,6 +1,12 @@
# @forge/csp
+## 4.2.0-experimental-959d7b9
+
+### Patch Changes
+
+- aebd633: Patch @forge/csp IC frame ancestors csp bug
+
## 4.2.0
### Minor ChangesModified: package/out/csp/csp-injection-service.d.ts
Index: package/out/csp/csp-injection-service.d.ts
===================================================================
--- package/out/csp/csp-injection-service.d.ts
+++ package/out/csp/csp-injection-service.d.ts
@@ -6,9 +6,8 @@
};
export declare const getAtlassianImageHost: (microsEnv: LambdaEnvironment, icOptions?: IcOptions) => string[];
export declare const EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS: string[];
export declare class CSPInjectionService {
- private isIsolatedContext;
private getCSPReportUri;
private getForgeGlobalCSP;
private getMetalClientCSP;
private getExistingCSPDetails;