Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Request] Feature/toggle flag for upgrade-insecure-requests #23

Open
jareddreyerss opened this issue Aug 7, 2024 · 0 comments
Open
Labels
enhancement New feature or request

Comments

@jareddreyerss
Copy link
Contributor

upgrade-insecure-requests is a directive that is ignored when a policy is set to report-only.

This can cause console errors on CI build tools like lighthouse etc.

Suggested solution:

Feature toggle either by conditional logic or env config (possibly checking if circleci is running?) to disable upgrade-insecure-requests from the policy when in dev environments and when a policy is set to report-only.

see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests for reference.

@jareddreyerss jareddreyerss changed the title [Request] toggle/feature flag for upgrade-insecure-requests [Request] Feature/toggle flag for upgrade-insecure-requests Aug 7, 2024
@jareddreyerss jareddreyerss added the enhancement New feature or request label Aug 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

1 participant