Skip to content

ref(csp): Validate CSP reports with JSON schema #6340

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
alex-hofsteede wants to merge 1 commit into from
Closed

ref(csp): Validate CSP reports with JSON schema #6340

alex-hofsteede wants to merge 1 commit into from

Conversation

@alex-hofsteede
Copy link
Contributor

@alex-hofsteede alex-hofsteede commented Oct 16, 2017

In preparation for accepting other types of browser security reports,
start using JSON schema to validate the structure of these documents
to avoid duplicating a bunch of manual validation for the different
report types.

@ghost
Copy link

ghost commented Oct 16, 2017
edited by ghost
Loading

1 Warning
⚠️ You should update CHANGES due to the size of this PR

Generated by 🚫 danger

alex-hofsteede
alex-hofsteede commented Oct 16, 2017
View reviewed changes
src/sentry/schemas/security_reports.py Outdated
# NB this schema validates the version of the CSP report we create after
# validate_data() which changes hyphens to underscores in the key names.

CSP_POLICY_VIOLATION_REPORT_SCHEMA = {
Copy link
Contributor Author

@alex-hofsteede alex-hofsteede Oct 16, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From the department of redundancy department.

@alex-hofsteede alex-hofsteede requested a review from a team October 16, 2017 22:04
mattrobenolt
mattrobenolt approved these changes Oct 16, 2017
View reviewed changes
Copy link
Contributor

@mattrobenolt mattrobenolt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't really know json schema, but since it passes current tests, lgtm. 🍪

mitsuhiko
mitsuhiko approved these changes Oct 16, 2017
View reviewed changes
Copy link
Contributor

@mitsuhiko mitsuhiko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This diff is surprisingly hard to read. It's good but note that filter returns a generator on 3.x. It works atm but maybe name it uris_iter so that is clear.

@dcramer
Copy link
Member

dcramer commented Oct 16, 2017

I'd generally say avoid using filter() and use a list comprehension instead of the python3 concerns

@alex-hofsteede
ref(csp): Validate CSP reports with JSON schema
7c6351a 
In preparation for accepting other types of browser security reports,
start using JSON schema to validate the structure of these documents
to avoid duplicating a bunch of manual validation for the different
report types.
@alex-hofsteede
Copy link
Contributor Author

alex-hofsteede commented Oct 24, 2017

Superseded by #6417

@alex-hofsteede alex-hofsteede deleted the alex/json-csp branch December 1, 2017 21:14
@github-actions github-actions bot locked and limited conversation to collaborators Dec 22, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@bretthoerner bretthoerner Awaiting requested review from bretthoerner

2 more reviewers

@mitsuhiko mitsuhiko mitsuhiko approved these changes

@mattrobenolt mattrobenolt mattrobenolt approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@alex-hofsteede @dcramer @mitsuhiko @mattrobenolt