•  
      request #17114 Setup cross-origin isolation when loading assets or the documentation
    Infos
    #17114
    Thomas Gerbet (tgerbet)
    2020-11-26 10:04
    2020-09-25 14:45
    18457
    Details
    Setup cross-origin isolation when loading assets or the documentation
    While it's not really useful by itself the main goal is to start deploying such measure and see how it behaves in the different environments Tuleap gets deployed (i.e. does something break in this weird Enterprise (TM) deployment). This is a first step before going for more wide deployment.

    The need for stricter control of cross-origin has arise since attacks like Spectre.


    More information can be found here:
    https://web.dev/coop-coep/
    https://docs.google.com/document/d/1zDlfvfTJ_9e8Jdc8ehuV4zMEu9ySMCiTGMS9y0GU92k/edit
    https://resourcepolicy.fyi/
    Other
    Empty
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2020-11-26
    Attachments
    Empty
    References

    Follow-ups

    User avatar
    Thomas Gerbet (tgerbet)2020-11-26 10:04
    This was delivered in 12.2.

    • Status changed from Under review to Closed
    • Connected artifacts
    • Close date set to 2020-11-26
    User avatar
    Thomas Gerbet (tgerbet)2020-09-25 14:58
    Patch under review: gerrit #20291.

    • Summary
      -Set up cross-origin isolation when loading assets or the documentation 
      +Setup cross-origin isolation when loading assets or the documentation 
    • Status changed from Under implementation to Under review