Page MenuHomePhabricator
Differential D19172

Don't emit Content-Security-Policy when returning a response during preflight setup checks
ClosedPublic
Actions

Authored by epriestley on Mar 5 2018, 2:52 PM.
Tags
None
Referenced Files
F19892576: D19172.id45925.diff
Sat, Mar 28, 2:23 AM
F19828873: D19172.id45926.diff
Mar 9 2026, 11:28 PM
F19828871: D19172.id45926.diff
Mar 9 2026, 11:27 PM
F19750580: D19172.id45926.diff
Feb 16 2026, 2:58 AM
F19750579: D19172.id45926.diff
Feb 16 2026, 2:53 AM
F19688011: D19172.id45926.diff
Feb 9 2026, 5:30 PM
F19090576: D19172.id.diff
Dec 3 2025, 12:16 PM
F19083877: D19172.diff
Dec 2 2025, 1:57 PM
View All Files
Subscribers
None

Details

Reviewers
None
Maniphest Tasks
T4340: Implement Content-Security-Policy and Strict-Transport-Security headers
Commits
rPe43f2e0cee09: (stable) Don't emit Content-Security-Policy when returning a response during…
rPf31975f7a3be: Don't emit Content-Security-Policy when returning a response during preflight…
Summary

Ref T4340. See https://discourse.phabricator-community.org/t/core-exception-during-installation/1193/8.

If we return a response very early during setup, we may not be able to read from the environment yet. Just decline to build a "Content-Security-Policy" header in these cases.

Test Plan
  • Faked a preflight error (e.g., safe_mode enabled), restarted apache.
    • Before patch: environment error while generating CSP.
    • After patch: no error.
  • Loaded a normal page, observed an normal CSP header.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley created this revision.Mar 5 2018, 2:52 PM
Harbormaster completed remote builds in B19735: Diff 45925.Mar 5 2018, 2:53 PM
This revision was not accepted when it landed; it landed in state Needs Review.Mar 5 2018, 2:53 PM
epriestley requested review of this revision.
Closed by commit rPf31975f7a3be: Don't emit Content-Security-Policy when returning a response during preflight… (authored by epriestley). · Explain Why
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
src/
aphront/
response/
15 lines

Diff 45926

View Options

src/aphront/response/AphrontResponse.php

Loading...
Phabricator · Built by Phacility