@forge/csp
5.7.0-experimental-a6c65195.8.0-next.0
~
Modified (5 files)
Index: package/out/csp/csp-injection-service.js
===================================================================
--- package/out/csp/csp-injection-service.js
+++ package/out/csp/csp-injection-service.js
@@ -145,15 +145,15 @@
exports.getAtlassianImageHost = getAtlassianImageHost;
exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS = ['https://secure.gravatar.com', 'https://images.unsplash.com'];
class CSPInjectionService {
constructor() {
- this.getInjectableCSP = ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname, isFedRAMP, icOptions, macroParentHost }) => {
+ this.getInjectableCSP = ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname, isFedRAMP, icOptions, macroParentHost, connectMacroParentDomain }) => {
const reportUri = tunnelCSPReporterUri || this.getCSPReportUri(microsEnv, icOptions);
const fosCDNUrls = getFOSCDNUrls(microsEnv, icOptions);
const defaultSrc = ["'self'", ...getFOSHostDownload(microsEnv, icOptions), ...fosCDNUrls].join(' ');
const frameAncestors = [
"'self'",
- ...this.getFrameAncestors(microsEnv, hostname, icOptions, macroParentHost),
+ ...this.getFrameAncestors(microsEnv, hostname, icOptions, macroParentHost, connectMacroParentDomain),
...getFOSHostDownload(microsEnv, icOptions),
...fosCDNUrls
].join(' ');
const frameSrc = [
@@ -280,9 +280,9 @@
allowed.push(...getFOSHostUpload(microsEnv, icOptions));
allowed.push(...getFOSCDNUrls(microsEnv, icOptions));
return allowed;
}
- getFrameAncestors(microsEnv, hostname, icOptions, macroParentHost) {
+ getFrameAncestors(microsEnv, hostname, icOptions, macroParentHost, connectMacroParentDomain) {
let frameAncestors = [];
const localhostWithPortRegex = /^localhost:\d+$/;
switch (microsEnv) {
case 'dev':
@@ -329,8 +329,11 @@
}
}
break;
}
+ if (connectMacroParentDomain) {
+ frameAncestors.push(connectMacroParentDomain);
+ }
if (hostname) {
frameAncestors.push(hostname);
}
return frameAncestors;Index: package/package.json
===================================================================
--- package/package.json
+++ package/package.json
@@ -1,7 +1,7 @@
{
"name": "@forge/csp",
- "version": "5.7.0-experimental-a6c6519",
+ "version": "5.8.0-next.0",
"description": "Contains the CSP configuration for Custom UI resources in Forge",
"main": "out/index.js",
"author": "Atlassian",
"license": "SEE LICENSE IN LICENSE.txt",
@@ -10,10 +10,10 @@
"compile": "tsc -b -v",
"clean": "rm -rf ./out && rm -f tsconfig.tsbuildinfo"
},
"devDependencies": {
- "@forge/cli-shared": "8.20.0-experimental-a6c6519",
- "@forge/manifest": "12.6.0-experimental-a6c6519",
+ "@forge/cli-shared": "8.21.0-next.0",
+ "@forge/manifest": "12.6.0",
"@types/jest": "^29.5.14",
"@types/node": "20.19.1",
"cheerio": "^1.1.0"
},Index: package/out/csp/csp-injection-service.d.ts.map
===================================================================
--- package/out/csp/csp-injection-service.d.ts.map
+++ package/out/csp/csp-injection-service.d.ts.map
@@ -1,1 +1,1 @@
-{"version":3,"file":"csp-injection-service.d.ts","sourceRoot":"","sources":["../../src/csp/csp-injection-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,EAAE,UAAU,EAAmB,MAAM,UAAU,CAAC;AAEvD,aAAK,iBAAiB,GAAG;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAIF,aAAK,oBAAoB,GAAG;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,MAAM,CAAC;CAC3B,CAAC;AAEF,aAAK,SAAS,GAAG,iBAAiB,GAAG,oBAAoB,CAAC;AA8K1D,eAAO,MAAM,qBAAqB,cAAe,iBAAiB,cAAc,SAAS,KAAG,MAAM,EAWjG,CAAC;AAMF,eAAO,MAAM,kCAAkC,UAAiE,CAAC;AAEjH,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,iBAAiB;IASzB,OAAO,CAAC,iBAAiB;IASzB,OAAO,CAAC,qBAAqB;IAI7B,OAAO,CAAC,aAAa;IAmCrB,OAAO,CAAC,iBAAiB;IAkElB,gBAAgB;4BASD,UAAU;mBACnB,iBAAiB;;;;;;UAM1B,MAAM,EAAE,CAgGV;CACH"}
\ No newline at end of file
+{"version":3,"file":"csp-injection-service.d.ts","sourceRoot":"","sources":["../../src/csp/csp-injection-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,EAAE,UAAU,EAAmB,MAAM,UAAU,CAAC;AAEvD,aAAK,iBAAiB,GAAG;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAIF,aAAK,oBAAoB,GAAG;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,MAAM,CAAC;CAC3B,CAAC;AAEF,aAAK,SAAS,GAAG,iBAAiB,GAAG,oBAAoB,CAAC;AA+K1D,eAAO,MAAM,qBAAqB,cAAe,iBAAiB,cAAc,SAAS,KAAG,MAAM,EAWjG,CAAC;AAMF,eAAO,MAAM,kCAAkC,UAAiE,CAAC;AAEjH,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,iBAAiB;IASzB,OAAO,CAAC,iBAAiB;IASzB,OAAO,CAAC,qBAAqB;IAI7B,OAAO,CAAC,aAAa;IAmCrB,OAAO,CAAC,iBAAiB;IAuElB,gBAAgB;4BAUD,UAAU;mBACnB,iBAAiB;;;;;;;UAO1B,MAAM,EAAE,CAgGV;CACH"}
\ No newline at end of fileIndex: package/CHANGELOG.md
===================================================================
--- package/CHANGELOG.md
+++ package/CHANGELOG.md
@@ -1,6 +1,12 @@
# @forge/csp
+## 5.8.0-next.0
+
+### Minor Changes
+
+- e7fa544: add support for connect domain to frame ancestors
+
## 5.7.0
### Minor ChangesIndex: package/out/csp/csp-injection-service.d.ts
===================================================================
--- package/out/csp/csp-injection-service.d.ts
+++ package/out/csp/csp-injection-service.d.ts
@@ -17,16 +17,17 @@
private getMetalClientCSP;
private getExistingCSPDetails;
private getConnectSrc;
private getFrameAncestors;
- getInjectableCSP: ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname, isFedRAMP, icOptions, macroParentHost }: {
+ getInjectableCSP: ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname, isFedRAMP, icOptions, macroParentHost, connectMacroParentDomain }: {
existingCSPDetails: CSPDetails;
microsEnv: LambdaEnvironment;
tunnelCSPReporterUri?: string | undefined;
hostname?: string | undefined;
isFedRAMP?: boolean | undefined;
icOptions?: IcOptions | undefined;
macroParentHost?: string | undefined;
+ connectMacroParentDomain?: string | undefined;
}) => string[];
}
export {};
//# sourceMappingURL=csp-injection-service.d.ts.map
\ No newline at end of file