Use flask-talisman for handling backend response headers #3404

Merged
merged 8 commits into from
Mar 27, 2019

jezdez
Member

@jezdez jezdez commented Feb 6, 2019

Fixes #3060.
Refs #3044.
Refs mozilla#562.
Helps #2891. 🎉

@rauchy
Contributor

rauchy commented Feb 7, 2019

Thanks @jezdez!

@arikfr if you merge this, we can discard #3214

@jezdez
Member Author

jezdez commented Feb 7, 2019

@rauchy Oh dang, I had missed your PR, apologies for the overlap 😬


@emtwo emtwo left a comment

Code looks good to me!

Member

@arikfr arikfr left a comment

Thanks, please see comments.

@jezdez jezdez requested a review from arikfr March 7, 2019 11:02
@jezdez jezdez force-pushed the talisman branch 2 times, most recently from d697222 to bb26cee Compare March 7, 2019 11:07
@jezdez
Member Author

jezdez commented Mar 21, 2019

@arikfr Is there anything needed to merge this?

@jezdez jezdez modified the milestones: v7.0.0, Next Mar 22, 2019
@jezdez
Member Author

jezdez commented Mar 27, 2019

@arikfr Anything needed to merge this?

@arikfr arikfr merged commit 712fc63 into master Mar 27, 2019
@arikfr arikfr deleted the talisman branch March 27, 2019 15:24
@arikfr
Member

arikfr commented Mar 27, 2019

> Anything needed to merge this?

Time.

jezdez pushed a commit that referenced this pull request Apr 17, 2019
## What type of PR is this? (check all applicable)

- [x] Bug Fix

## Description

Without this change the Help Drawer couldn't load content anymore.

## Related Tickets & Documents

#3404
harveyrendell pushed a commit to pushpay/redash that referenced this pull request Nov 14, 2019
)

* Normalize Flask initialization API use.

* Use Flask-Talisman.

* Enable HSTS when HTTPS is enforced.

* More details about how CSP is formatted and write CSP directives as a string.

* Use CSP frame-ancestors directive and not X-Frame-Options for embeddable endpoints.

* Add link to flask-talisman docs.

* set remember_token cookie to be HTTP-Only and Secure

* Reorganize secret key configuration to be forward thinking and backward compatible.
harveyrendell pushed a commit to pushpay/redash that referenced this pull request Nov 14, 2019
## What type of PR is this? (check all applicable)

- [x] Bug Fix

## Description

Without this change the Help Drawer couldn't load content anymore.

## Related Tickets & Documents

getredash#3404

4 participants