Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #17114 Setup cross-origin isolation when loading assets or the documentation
    Actions
    Infos
    #17114
    Thomas Gerbet (tgerbet)
    2020-11-26 10:04
    2020-09-25 14:45
    18452
    Details
    Setup cross-origin isolation when loading assets or the documentation
    While it's not really useful by itself the main goal is to start deploying such measure and see how it behaves in the different environments Tuleap gets deployed (i.e. does something break in this weird Enterprise (TM) deployment). This is a first step before going for more wide deployment.

    The need for stricter control of cross-origin has arise since attacks like Spectre.


    More information can be found here:
    https://web.dev/coop-coep/
    https://docs.google.com/document/d/1zDlfvfTJ_9e8Jdc8ehuV4zMEu9ySMCiTGMS9y0GU92k/edit
    https://resourcepolicy.fyi/
    Other
    Empty
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2020-11-26
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #16652 Tuleap Releases 12.2 Delivered 2020-13-11 14:07 Manuel Vacelet (vaceletm)
    Empty
    References
    Referencing request #17114

    Git commit

    tuleap/tuleap/stable

    Merge commit 'refs/changes/91/20291/2' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 6e01208a73
    User avatar Joris MASSON (jmasson) , 2020-11-04 16:39
    request #17114: Setup cross-origin isolation when loading assets or the documentation 7971b7c350
    User avatar Thomas Gerbet (tgerbet) , 2020-11-03 10:19
    Referenced by request #17114

    Artifact Tracker v5

    rel #16652 12.2

    Other

    gerrit #20291
    Display settings

    Follow-ups

    User avatar
    Thomas Gerbet (tgerbet)2020-11-26 10:04
    This was delivered in 12.2.
    • Status changed from Under review to Closed
    • Connected artifacts
    • Close date set to 2020-11-26
    User avatar
    Thomas Gerbet (tgerbet)2020-09-25 14:58
    Patch under review: gerrit #20291.
    • Summary
      -Set up cross-origin isolation when loading assets or the documentation 
      +Setup cross-origin isolation when loading assets or the documentation 
    • Status changed from Under implementation to Under review