Diffusion Phabricator e43f2e0cee09

(stable) Don't emit Content-Security-Policy when returning a response during…
e43f2e0cee09
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

(stable) Don't emit Content-Security-Policy when returning a response during preflight setup checks

Summary:
Ref T4340. See https://discourse.phabricator-community.org/t/core-exception-during-installation/1193/8.

If we return a response very early during setup, we may not be able to read from the environment yet. Just decline to build a "Content-Security-Policy" header in these cases.

Test Plan:

Faked a preflight error (e.g., safe_mode enabled), restarted apache.
- Before patch: environment error while generating CSP.
- After patch: no error.
Loaded a normal page, observed an normal CSP header.

Maniphest Tasks: T4340

Differential Revision: https://secure.phabricator.com/D19172

Details

Provenance

epriestley	Authored on Mar 5 2018, 2:49 PM
epriestley	Pushed on Mar 5 2018, 2:54 PM

Differential Revision

D19172: Don't emit Content-Security-Policy when returning a response during preflight setup checks

Parents

rPae7236c7a413: (stable) Promote 2018 Week 9

Branches

Unknown

Tags

Unknown

Tasks

T4340: Implement Content-Security-Policy and Strict-Transport-Security headers

Build Status

Buildable 19737
Build 26732: Run Core Tests

Event Timeline

epriestley committed rPe43f2e0cee09: (stable) Don't emit Content-Security-Policy when returning a response during… (authored by epriestley).Mar 5 2018, 2:54 PM

epriestley added a task: T4340: Implement Content-Security-Policy and Strict-Transport-Security headers.

epriestley mentioned this in 2018 Week 9 (Very Early March).Mar 5 2018, 2:55 PM

Harbormaster completed building B19737: rPe43f2e0cee09: (stable) Don't emit Content-Security-Policy when returning a response during….Mar 5 2018, 2:56 PM

Changes (1)

Path

Size

src/

aphront/

response/

AphrontResponse.php

rPe43f2e0cee09

src/aphront/response/AphrontResponse.php

Loading...