Implemented desktop csp policies

2025-09-04 17:31:33 +02:00 · 2025-08-14 11:40:09 +02:00
parent bf7b24c3ee
commit 5e00deea19
2 changed files with 7 additions and 5 deletions
--- a/filter_plugins/csp_filters.py
+++ b/filter_plugins/csp_filters.py
@@ -147,10 +147,11 @@ class FilterModule(object):
                        tokens.append('https://www.google.com')

                # Allow the loading of js from the cdn
-                if directive == 'script-src-elem' and self.is_feature_enabled(applications, 'logout', application_id):
-                    domain = domains.get('web-svc-cdn')[0] 
-                    tokens.append(f"{domain}")
-                        
+                if directive == 'script-src-elem':
+                    if self.is_feature_enabled(applications, 'logout', application_id) or self.is_feature_enabled(applications, 'port-ui-desktop', application_id):
+                        domain = domains.get('web-svc-cdn')[0]
+                        tokens.append(f"{domain}")
+
                if directive == 'frame-ancestors':
                    # Enable loading via ancestors
                    if self.is_feature_enabled(applications, 'port-ui-desktop', application_id):
--- a/tests/unit/filter_plugins/test_csp_filters.py
+++ b/tests/unit/filter_plugins/test_csp_filters.py
@@ -51,7 +51,8 @@ class TestCspFilters(unittest.TestCase):
            'app2': {}
        }
        self.domains = {
-            'web-app-matomo': ['matomo.example.org']
+            'web-app-matomo': ['matomo.example.org'],
+            'web-svc-cdn': ['cdn.example.org'],
        }

    def test_get_csp_whitelist_list(self):