@forge/csp

5.6.1-experimental-5b726e65.7.0-next.0
out/csp/csp-injection-service.js
~out/csp/csp-injection-service.jsModified
+30−4
Index: package/out/csp/csp-injection-service.js
===================================================================
--- package/out/csp/csp-injection-service.js
+++ package/out/csp/csp-injection-service.js
@@ -100,8 +100,21 @@
         return hostMap[microsEnv](icOptions);
     }
     return hostMap[microsEnv];
 };
+const FOS_CDN_STANDARD_HOST = {
+    dev: 'https://object-store.stg.atlassian.com',
+    stg: 'https://object-store.stg.atlassian.com',
+    prod: 'https://object-store.atlassian.com'
+};
+const FOS_CDN_IC_HOST = makeICHosts((env, icOptions) => `https://object-store.${getICDomain(env, icOptions)}`);
+const FOS_CDN_PATH = '/os/ecosystem/installation/';
+const getFOSCDNHost = (microsEnv, icOptions) => {
+    if (isICEnvKey(microsEnv)) {
+        return icOptions ? FOS_CDN_IC_HOST[microsEnv](icOptions) : undefined;
+    }
+    return FOS_CDN_STANDARD_HOST[microsEnv];
+};
 const getFOSHostDownload = (microsEnv, icOptions) => {
     const fosHost = getAtlassianHost('ATLASSIAN_FOS_HOST', microsEnv, icOptions);
     return isICEnvKey(microsEnv)
         ? [`${fosHost}/fos/app/download/`, `${fosHost}/fos/cdn/download/`]
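Review bot: `getFOSCDNHost` returns `undefined` in two situations, an IC env key with no `icOptions` and a `microsEnv` that is not a key of `FOS_CDN_STANDARD_HOST`, and nothing on the added lines says this is deliberate. Omitting the source when the host is unknown is the right default for a CSP (it fails closed), but a later maintainer could easily "fix" it with a fallback host, so I would state the contract above the function: `// Returns undefined when no CDN host is known for this env; callers must add no source in that case.` It would also help to note on `FOS_CDN_STANDARD_HOST` why `dev` and `stg` point at the same host, presumably because dev shares the staging object store (confirm), e.g. `// dev reuses the stg object store`.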
@@ -112,8 +125,12 @@
     return isICEnvKey(microsEnv)
         ? [`${fosHost}/fos/app/upload/`, `${fosHost}/fos/cdn/upload/`]
         : [`${fosHost}/fos-eap/upload/`, `${fosHost}/fos/app/upload/`, `${fosHost}/fos/cdn/upload/`];
 };
+const getFOSCDNUrls = (microsEnv, icOptions) => {
+    const fosCDNHost = getFOSCDNHost(microsEnv, icOptions);
+    return fosCDNHost ? [`${fosCDNHost}${FOS_CDN_PATH}`] : [];
+};
 const getAtlassianImageHost = (microsEnv, icOptions) => {
     return [
         `https://${getAtlassianHost('ATLASSIAN_AVATAR_HOST', microsEnv, icOptions)}`,
         `https://*.wp.com/${getAtlassianHost('ATLASSIAN_AVATAR_HOST', microsEnv, icOptions)}/`,
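Review bot: `getFOSCDNUrls` builds a value that is used as a CSP source expression, but no comment says what that expression actually permits. Because `FOS_CDN_PATH` ends in `/`, browsers treat it as a prefix match for everything under `/os/ecosystem/installation/`. The path part is also not checked once a request has followed a redirect, so the practical trust boundary is closer to the whole object-store origin than to a single installation. The hunk does not show whether that prefix is shared by all apps' installations. If it is, I would record it in a JSDoc comment on the function, e.g. `/** CSP source for FOS CDN assets: prefix match, not per-installation; [] when no host is known. */`.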
@@ -130,26 +147,30 @@
 class CSPInjectionService {
     constructor() {
         this.getInjectableCSP = ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname, isFedRAMP, icOptions, macroParentHost }) => {
             const reportUri = tunnelCSPReporterUri || this.getCSPReportUri(microsEnv, icOptions);
-            const defaultSrc = ["'self'", ...getFOSHostDownload(microsEnv, icOptions)].join(' ');
+            const fosCDNUrls = getFOSCDNUrls(microsEnv, icOptions);
+            const defaultSrc = ["'self'", ...getFOSHostDownload(microsEnv, icOptions), ...fosCDNUrls].join(' ');
             const frameAncestors = [
                 "'self'",
                 ...this.getFrameAncestors(microsEnv, hostname, icOptions, macroParentHost),
-                ...getFOSHostDownload(microsEnv, icOptions)
+                ...getFOSHostDownload(microsEnv, icOptions),
+                ...fosCDNUrls
             ].join(' ');
             const frameSrc = [
                 "'self'",
                 hostname,
                 getAtlassianHost('ATLASSIAN_MEDIA_GATEWAY_HOST', microsEnv, icOptions),
                 ...this.getExistingCSPDetails(types_1.ExternalCspType.FRAME_SRC, existingCSPDetails),
-                ...getFOSHostDownload(microsEnv, icOptions)
+                ...getFOSHostDownload(microsEnv, icOptions),
+                ...fosCDNUrls
             ]
                 .filter((a) => a)
                 .join(' ');
             const fontSrc = [
                 "'self'",
                 ...getFOSHostDownload(microsEnv, icOptions),
+                ...fosCDNUrls,
                 ...this.getExistingCSPDetails(types_1.ExternalCspType.FONT_SRC, existingCSPDetails)
             ].join(' ');
             const imgSrc = [
                 "'self'",
@@ -157,8 +178,9 @@
                 'blob:',
                 hostname,
                 ...exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS,
                 ...(0, exports.getAtlassianImageHost)(microsEnv, icOptions),
+                ...fosCDNUrls,
                 ...this.getExistingCSPDetails(types_1.ExternalCspType.IMG_SRC, existingCSPDetails)
             ]
                 .filter((a) => a)
                 .join(' ');
@@ -168,9 +190,10 @@
                 'blob:',
                 hostname,
                 getAtlassianHost('ATLASSIAN_MEDIA_GATEWAY_HOST', microsEnv, icOptions),
                 ...this.getExistingCSPDetails(types_1.ExternalCspType.MEDIA_SRC, existingCSPDetails),
-                ...getFOSHostDownload(microsEnv, icOptions)
+                ...getFOSHostDownload(microsEnv, icOptions),
+                ...fosCDNUrls
             ]
                 .filter((a) => a)
                 .join(' ');
             const connectSrc = [
@@ -185,15 +208,17 @@
             const scriptSrc = [
                 "'self'",
                 this.getForgeGlobalCSP(microsEnv, isFedRAMP, icOptions),
                 ...getFOSHostDownload(microsEnv, icOptions),
+                ...fosCDNUrls,
                 ...this.getExistingCSPDetails(types_1.ExternalCspType.SCRIPT_SRC, existingCSPDetails)
             ].join(' ');
             const styleSrc = [
                 "'self'",
                 hostname,
                 this.getForgeGlobalCSP(microsEnv, isFedRAMP, icOptions),
                 ...getFOSHostDownload(microsEnv, icOptions),
+                ...fosCDNUrls,
                 ...this.getExistingCSPDetails(types_1.ExternalCspType.STYLE_SRC, existingCSPDetails)
             ]
                 .filter((a) => a)
                 .join(' ');
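Review bot: `...fosCDNUrls` is added to `script-src` and `style-src` here, and the same list goes into `default-src`, `frame-ancestors`, `frame-src`, `font-src`, `img-src` and `media-src` in the earlier hunks of this function (`-130`, `-157`, `-168`), so one object-store location becomes trusted for every resource type at once. Nothing visible shows which of these the CDN needs to serve, and `script-src` is the costly one, since anything reachable under that prefix can then run as script in the app's page; I would keep the entry only on directives with a known consumer. `frame-ancestors` looks like a separate case: it is matched against the embedding page's origin, so a source carrying a path probably scopes nothing there, and it is unclear why a CDN asset location should be allowed to frame the app, so consider leaving that list at `...getFOSHostDownload(microsEnv, icOptions)` only. The enclosing `getInjectableCSP` arrow starts and ends outside this hunk, and the file sits under `out/`, so any change would go in the source it is compiled from.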
@@ -252,8 +277,9 @@
             allowed.push(fopGeHost);
         }
         allowed.push(...getFOSHostDownload(microsEnv, icOptions));
         allowed.push(...getFOSHostUpload(microsEnv, icOptions));
+        allowed.push(...getFOSCDNUrls(microsEnv, icOptions));
         return allowed;
     }
     getFrameAncestors(microsEnv, hostname, icOptions, macroParentHost) {
         let frameAncestors = [];