Skip to content

Commit

Permalink
feat(csp): automatically add awsapps.com for Amazon SAML
Browse files Browse the repository at this point in the history 
Fixes #13712
  • Loading branch information
@nijel
nijel committed Feb 5, 2025
1 parent 39fa13b commit 096cfa5
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion weblate/middleware.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -449,7 +449,9 @@ def build_csp_auth(self) -> None:
]

for url in urls:
self.add_csp_host(url, "form-action")
domain = self.add_csp_host(url, "form-action")
if domain.endswith(".amazonaws.com"):
self.directives["form-action"].add("*.awsapps.com")


class SecurityMiddleware:
Expand Down

0 comments on commit 096cfa5

Please sign in to comment.