Skip to content
This repository has been archived by the owner on Feb 2, 2022. It is now read-only.

Improves the security headers #198

Merged
merged 6 commits into from
Jan 29, 2020
Merged

Improves the security headers #198

merged 6 commits into from
Jan 29, 2020

Conversation

rgreinho
Copy link
Member

Types of changes

  • Security

Description

Attempts to fix all the security issues reported by the Mozilla
Observatory: https://observatory.mozilla.org/analyze/viz.scrapd.org

Checklist

  • [] I have updated the documentation accordingly
  • [] I have written unit tests

Fixes #194

@rgreinho rgreinho requested a review from a user January 23, 2020 21:51
@rgreinho rgreinho self-assigned this Jan 23, 2020
ghost
ghost reviewed Jan 26, 2020
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, I could not run this locally, but maybe it's my config. I'll revisit this. Here is the error I am getting currently.

SyntaxError: Cannot use import statement outside a module

@rgreinho
Copy link
Member Author

Ah good catch! The HMR did not catch the bad changes.

I fixed the issue you mentioned, but no the CSP rules are too strict, and the site does not render properly. I'll keep working on the CSP rules.

@rgreinho rgreinho added the no-mergify Do not automatically merge label Jan 26, 2020
@rgreinho
Improves the security headers
50a22d4 
Attempts to fix all the security issues reported by the Mozilla
Observatory: https://observatory.mozilla.org/analyze/viz.scrapd.org

Fixes #194
@rgreinho
Fix bad modules
e6ab24f
@rgreinho
Copy link
Member Author

This may help tweaking the CSPs: https://www.cspisawesome.com/.

@rgreinho
Copy link
Member Author

This too for mapbox tiles: https://docs.mapbox.com/mapbox-gl-js/overview/

@rgreinho
Improves the security headers
ececd17 
Attempts to fix all the security issues reported by the Mozilla
Observatory: https://observatory.mozilla.org/analyze/viz.scrapd.org

Fixes #194
@rgreinho
save
e1d0f00
@rgreinho
save
c6bb4f0
@rgreinho rgreinho requested a review from a user January 27, 2020 22:40
@rgreinho
Copy link
Member Author

Alright @tom-nook, these values should do the trick!

ghost
ghost approved these changes Jan 29, 2020
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed recent commits, runs great locally, awesome!

@rgreinho rgreinho removed the no-mergify Do not automatically merge label Jan 29, 2020
@mergify mergify bot merged commit 0f8b84d into master Jan 29, 2020
@rgreinho rgreinho deleted the issues/194/security-headers branch January 29, 2020 03:17
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
Assignees

@rgreinho rgreinho

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Leverage Mozilla Observatory to improve security
1 participant
@rgreinho