[BUGFIX] Replace CSP mutation mode extend by inherit & append (af9a058b) · Commits · TYPO3 / TYPO3.CMS

Commit af9a058b authored 1 year ago by

Oliver Hader Committed by Oliver Hader 1 year ago

[BUGFIX] Replace CSP mutation mode extend by inherit & append

MutationMode::Extend has some ambiguity when being invoked
multiple times on modified ancestor source collections.
This change introduces the new MutationMode::InheritOnce,
MutationMode::InheritAgain and MutationMode::Append.

The implicit behavior of MutationMode::Extend changes from the
combination of MutationMode::InheritAgain + MutationMode::Append
to MutationMode::InheritOnce + MutationMode::Append to avoid
side effects with more configurations modifying the policy.

Static mutations loaded from ContentSecurityPolicies.php are
ordered accordoring to the packages dependency hierarchy. That
is the reason, the configuration from ext:core had to be moved
to both ext:backend and ext:frontend.

Resolves: #101797
Releases: main, 12.4
Change-Id: I7ab8e9d3f5635783d026f585f15c27ff62189959
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81574


Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: core-ci <typo3@b13.com>

parent fe8d8e67

Branches

No related merge requests found

Hide whitespace changes

Inline Side-by-side

Showing with 166 additions and 56 deletions

Please register or to comment