diff --git a/docs/development/core/server/kibana-plugin-server.coresetup.getstartservices.md b/docs/development/core/server/kibana-plugin-server.coresetup.getstartservices.md
index 589529cf2a7f7..b05d28899f9d2 100644
--- a/docs/development/core/server/kibana-plugin-server.coresetup.getstartservices.md
+++ b/docs/development/core/server/kibana-plugin-server.coresetup.getstartservices.md
@@ -1,17 +1,17 @@
-
-
-[Home](./index.md) > [kibana-plugin-server](./kibana-plugin-server.md) > [CoreSetup](./kibana-plugin-server.coresetup.md) > [getStartServices](./kibana-plugin-server.coresetup.getstartservices.md)
-
-## CoreSetup.getStartServices() method
-
-Allows plugins to get access to APIs available in start inside async handlers. Promise will not resolve until Core and plugin dependencies have completed `start`. This should only be used inside handlers registered during `setup` that will only be executed after `start` lifecycle.
-
-Signature:
-
-```typescript
-getStartServices(): Promise<[CoreStart, TPluginsStart]>;
-```
-Returns:
-
-`Promise<[CoreStart, TPluginsStart]>`
-
+
+
+[Home](./index.md) > [kibana-plugin-server](./kibana-plugin-server.md) > [CoreSetup](./kibana-plugin-server.coresetup.md) > [getStartServices](./kibana-plugin-server.coresetup.getstartservices.md)
+
+## CoreSetup.getStartServices() method
+
+Allows plugins to get access to APIs available in start inside async handlers. Promise will not resolve until Core and plugin dependencies have completed `start`. This should only be used inside handlers registered during `setup` that will only be executed after `start` lifecycle.
+
+Signature:
+
+```typescript
+getStartServices(): Promise<[CoreStart, TPluginsStart]>;
+```
+Returns:
+
+`Promise<[CoreStart, TPluginsStart]>`
+
diff --git a/docs/development/core/server/kibana-plugin-server.coresetup.md b/docs/development/core/server/kibana-plugin-server.coresetup.md
index 325f7216122b5..c36d649837e8a 100644
--- a/docs/development/core/server/kibana-plugin-server.coresetup.md
+++ b/docs/development/core/server/kibana-plugin-server.coresetup.md
@@ -1,32 +1,32 @@
-
-
-[Home](./index.md) > [kibana-plugin-server](./kibana-plugin-server.md) > [CoreSetup](./kibana-plugin-server.coresetup.md)
-
-## CoreSetup interface
-
-Context passed to the plugins `setup` method.
-
-Signature:
-
-```typescript
-export interface CoreSetup
-```
-
-## Properties
-
-| Property | Type | Description |
-| --- | --- | --- |
-| [capabilities](./kibana-plugin-server.coresetup.capabilities.md) | CapabilitiesSetup
| [CapabilitiesSetup](./kibana-plugin-server.capabilitiessetup.md) |
-| [context](./kibana-plugin-server.coresetup.context.md) | ContextSetup
| [ContextSetup](./kibana-plugin-server.contextsetup.md) |
-| [elasticsearch](./kibana-plugin-server.coresetup.elasticsearch.md) | ElasticsearchServiceSetup
| [ElasticsearchServiceSetup](./kibana-plugin-server.elasticsearchservicesetup.md) |
-| [http](./kibana-plugin-server.coresetup.http.md) | HttpServiceSetup
| [HttpServiceSetup](./kibana-plugin-server.httpservicesetup.md) |
-| [savedObjects](./kibana-plugin-server.coresetup.savedobjects.md) | SavedObjectsServiceSetup
| [SavedObjectsServiceSetup](./kibana-plugin-server.savedobjectsservicesetup.md) |
-| [uiSettings](./kibana-plugin-server.coresetup.uisettings.md) | UiSettingsServiceSetup
| [UiSettingsServiceSetup](./kibana-plugin-server.uisettingsservicesetup.md) |
-| [uuid](./kibana-plugin-server.coresetup.uuid.md) | UuidServiceSetup
| [UuidServiceSetup](./kibana-plugin-server.uuidservicesetup.md) |
-
-## Methods
-
-| Method | Description |
-| --- | --- |
-| [getStartServices()](./kibana-plugin-server.coresetup.getstartservices.md) | Allows plugins to get access to APIs available in start inside async handlers. Promise will not resolve until Core and plugin dependencies have completed start
. This should only be used inside handlers registered during setup
that will only be executed after start
lifecycle. |
-
+
+
+[Home](./index.md) > [kibana-plugin-server](./kibana-plugin-server.md) > [CoreSetup](./kibana-plugin-server.coresetup.md)
+
+## CoreSetup interface
+
+Context passed to the plugins `setup` method.
+
+Signature:
+
+```typescript
+export interface CoreSetup
+```
+
+## Properties
+
+| Property | Type | Description |
+| --- | --- | --- |
+| [capabilities](./kibana-plugin-server.coresetup.capabilities.md) | CapabilitiesSetup
| [CapabilitiesSetup](./kibana-plugin-server.capabilitiessetup.md) |
+| [context](./kibana-plugin-server.coresetup.context.md) | ContextSetup
| [ContextSetup](./kibana-plugin-server.contextsetup.md) |
+| [elasticsearch](./kibana-plugin-server.coresetup.elasticsearch.md) | ElasticsearchServiceSetup
| [ElasticsearchServiceSetup](./kibana-plugin-server.elasticsearchservicesetup.md) |
+| [http](./kibana-plugin-server.coresetup.http.md) | HttpServiceSetup
| [HttpServiceSetup](./kibana-plugin-server.httpservicesetup.md) |
+| [savedObjects](./kibana-plugin-server.coresetup.savedobjects.md) | SavedObjectsServiceSetup
| [SavedObjectsServiceSetup](./kibana-plugin-server.savedobjectsservicesetup.md) |
+| [uiSettings](./kibana-plugin-server.coresetup.uisettings.md) | UiSettingsServiceSetup
| [UiSettingsServiceSetup](./kibana-plugin-server.uisettingsservicesetup.md) |
+| [uuid](./kibana-plugin-server.coresetup.uuid.md) | UuidServiceSetup
| [UuidServiceSetup](./kibana-plugin-server.uuidservicesetup.md) |
+
+## Methods
+
+| Method | Description |
+| --- | --- |
+| [getStartServices()](./kibana-plugin-server.coresetup.getstartservices.md) | Allows plugins to get access to APIs available in start inside async handlers. Promise will not resolve until Core and plugin dependencies have completed start
. This should only be used inside handlers registered during setup
that will only be executed after start
lifecycle. |
+
diff --git a/docs/development/core/server/kibana-plugin-server.cspconfig.ruleschangedfromdefault.md b/docs/development/core/server/kibana-plugin-server.cspconfig.default.md
similarity index 56%
rename from docs/development/core/server/kibana-plugin-server.cspconfig.ruleschangedfromdefault.md
rename to docs/development/core/server/kibana-plugin-server.cspconfig.default.md
index 3320785935b21..56e6cf35cdd13 100644
--- a/docs/development/core/server/kibana-plugin-server.cspconfig.ruleschangedfromdefault.md
+++ b/docs/development/core/server/kibana-plugin-server.cspconfig.default.md
@@ -1,11 +1,11 @@
-[Home](./index.md) > [kibana-plugin-server](./kibana-plugin-server.md) > [CspConfig](./kibana-plugin-server.cspconfig.md) > [rulesChangedFromDefault](./kibana-plugin-server.cspconfig.ruleschangedfromdefault.md)
+[Home](./index.md) > [kibana-plugin-server](./kibana-plugin-server.md) > [CspConfig](./kibana-plugin-server.cspconfig.md) > [DEFAULT](./kibana-plugin-server.cspconfig.default.md)
-## CspConfig.rulesChangedFromDefault property
+## CspConfig.DEFAULT property
Signature:
```typescript
-readonly rulesChangedFromDefault: boolean;
+static readonly DEFAULT: CspConfig;
```
diff --git a/docs/development/core/server/kibana-plugin-server.cspconfig.md b/docs/development/core/server/kibana-plugin-server.cspconfig.md
index 6f12d64676ce9..7e491cb0df912 100644
--- a/docs/development/core/server/kibana-plugin-server.cspconfig.md
+++ b/docs/development/core/server/kibana-plugin-server.cspconfig.md
@@ -20,9 +20,9 @@ The constructor for this class is marked as internal. Third-party code should no
| Property | Modifiers | Type | Description |
| --- | --- | --- | --- |
+| [DEFAULT](./kibana-plugin-server.cspconfig.default.md) | static
| CspConfig
| |
| [header](./kibana-plugin-server.cspconfig.header.md) | | string
| |
| [rules](./kibana-plugin-server.cspconfig.rules.md) | | string[]
| |
-| [rulesChangedFromDefault](./kibana-plugin-server.cspconfig.ruleschangedfromdefault.md) | | boolean
| |
| [strict](./kibana-plugin-server.cspconfig.strict.md) | | boolean
| |
| [warnLegacyBrowsers](./kibana-plugin-server.cspconfig.warnlegacybrowsers.md) | | boolean
| |
diff --git a/docs/development/core/server/kibana-plugin-server.icspconfig.md b/docs/development/core/server/kibana-plugin-server.icspconfig.md
index 00107d561873f..fb8188386a376 100644
--- a/docs/development/core/server/kibana-plugin-server.icspconfig.md
+++ b/docs/development/core/server/kibana-plugin-server.icspconfig.md
@@ -18,7 +18,6 @@ export interface ICspConfig
| --- | --- | --- |
| [header](./kibana-plugin-server.icspconfig.header.md) | string
| The CSP rules in a formatted directives string for use in a Content-Security-Policy
header. |
| [rules](./kibana-plugin-server.icspconfig.rules.md) | string[]
| The CSP rules used for Kibana. |
-| [rulesChangedFromDefault](./kibana-plugin-server.icspconfig.ruleschangedfromdefault.md) | boolean
| Flag indicating that the configuraion changes the csp rules from the defaults |
| [strict](./kibana-plugin-server.icspconfig.strict.md) | boolean
| Specify whether browsers that do not support CSP should be able to use Kibana. Use true
to block and false
to allow. |
| [warnLegacyBrowsers](./kibana-plugin-server.icspconfig.warnlegacybrowsers.md) | boolean
| Specify whether users with legacy browsers should be warned about their lack of Kibana security compliance. |
diff --git a/docs/development/core/server/kibana-plugin-server.icspconfig.ruleschangedfromdefault.md b/docs/development/core/server/kibana-plugin-server.icspconfig.ruleschangedfromdefault.md
deleted file mode 100644
index 427c07d2d1e4d..0000000000000
--- a/docs/development/core/server/kibana-plugin-server.icspconfig.ruleschangedfromdefault.md
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-[Home](./index.md) > [kibana-plugin-server](./kibana-plugin-server.md) > [ICspConfig](./kibana-plugin-server.icspconfig.md) > [rulesChangedFromDefault](./kibana-plugin-server.icspconfig.ruleschangedfromdefault.md)
-
-## ICspConfig.rulesChangedFromDefault property
-
-Flag indicating that the configuraion changes the csp rules from the defaults
-
-Signature:
-
-```typescript
-readonly rulesChangedFromDefault: boolean;
-```
diff --git a/packages/kbn-dev-utils/src/kbn_client/kbn_client_status.ts b/packages/kbn-dev-utils/src/kbn_client/kbn_client_status.ts
index 3775aecb2db09..22baf4a330416 100644
--- a/packages/kbn-dev-utils/src/kbn_client/kbn_client_status.ts
+++ b/packages/kbn-dev-utils/src/kbn_client/kbn_client_status.ts
@@ -32,7 +32,6 @@ interface Status {
interface ApiResponseStatus {
name: string;
uuid: string;
- running_from_source?: true;
version: {
number: string;
build_hash: string;
@@ -59,11 +58,6 @@ export class KbnClientStatus {
});
}
- public async isDistributable() {
- const status = await this.get();
- return !status.running_from_source;
- }
-
/**
* Get the overall/merged state
*/
diff --git a/packages/kbn-pm/dist/index.js b/packages/kbn-pm/dist/index.js
index 364b91a30841c..8bded9d403c21 100644
--- a/packages/kbn-pm/dist/index.js
+++ b/packages/kbn-pm/dist/index.js
@@ -43639,10 +43639,6 @@ class KbnClientStatus {
path: 'api/status',
});
}
- async isDistributable() {
- const status = await this.get();
- return !status.running_from_source;
- }
/**
* Get the overall/merged state
*/
diff --git a/src/core/server/config/env.mock.ts b/src/core/server/config/env.mock.ts
deleted file mode 100644
index f9b4e0732c1cb..0000000000000
--- a/src/core/server/config/env.mock.ts
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * Licensed to Elasticsearch B.V. under one or more contributor
- * license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright
- * ownership. Elasticsearch B.V. licenses this file to you under
- * the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import { Env } from './env';
-
-export function createMockEnv(options: { dist?: boolean } = {}): Env {
- return {
- // required by CspConfig
- packageInfo: {
- dist: options.dist ?? true,
- },
- } as any;
-}
diff --git a/src/core/server/csp/csp_config.test.ts b/src/core/server/csp/csp_config.test.ts
index 15cddc6fccd34..45fa8445791b0 100644
--- a/src/core/server/csp/csp_config.test.ts
+++ b/src/core/server/csp/csp_config.test.ts
@@ -18,7 +18,6 @@
*/
import { CspConfig } from '.';
-import { createMockEnv } from '../config/env.mock';
// CSP rules aren't strictly additive, so any change can potentially expand or
// restrict the policy in a way we consider a breaking change. For that reason,
@@ -34,10 +33,23 @@ import { createMockEnv } from '../config/env.mock';
// the nature of a change in defaults during a PR review.
describe('CspConfig', () => {
- test('defaults from config', () => {
- const cspConfig = new CspConfig(createMockEnv());
+ test('DEFAULT', () => {
+ expect(CspConfig.DEFAULT).toMatchInlineSnapshot(`
+ CspConfig {
+ "header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
+ "rules": Array [
+ "script-src 'unsafe-eval' 'self'",
+ "worker-src blob: 'self'",
+ "style-src 'unsafe-inline' 'self'",
+ ],
+ "strict": true,
+ "warnLegacyBrowsers": true,
+ }
+ `);
+ });
- expect(cspConfig).toMatchInlineSnapshot(`
+ test('defaults from config', () => {
+ expect(new CspConfig()).toMatchInlineSnapshot(`
CspConfig {
"header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
"rules": Array [
@@ -45,7 +57,6 @@ describe('CspConfig', () => {
"worker-src blob: 'self'",
"style-src 'unsafe-inline' 'self'",
],
- "rulesChangedFromDefault": false,
"strict": true,
"warnLegacyBrowsers": true,
}
@@ -53,9 +64,7 @@ describe('CspConfig', () => {
});
test('creates from partial config', () => {
- const cspConfig = new CspConfig(createMockEnv(), { strict: false, warnLegacyBrowsers: false });
-
- expect(cspConfig).toMatchInlineSnapshot(`
+ expect(new CspConfig({ strict: false, warnLegacyBrowsers: false })).toMatchInlineSnapshot(`
CspConfig {
"header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
"rules": Array [
@@ -63,7 +72,6 @@ describe('CspConfig', () => {
"worker-src blob: 'self'",
"style-src 'unsafe-inline' 'self'",
],
- "rulesChangedFromDefault": false,
"strict": false,
"warnLegacyBrowsers": false,
}
@@ -71,7 +79,7 @@ describe('CspConfig', () => {
});
test('computes header from rules', () => {
- const cspConfig = new CspConfig(createMockEnv(), { rules: ['alpha', 'beta', 'gamma'] });
+ const cspConfig = new CspConfig({ rules: ['alpha', 'beta', 'gamma'] });
expect(cspConfig).toMatchInlineSnapshot(`
CspConfig {
@@ -81,25 +89,6 @@ describe('CspConfig', () => {
"beta",
"gamma",
],
- "rulesChangedFromDefault": true,
- "strict": true,
- "warnLegacyBrowsers": true,
- }
- `);
- });
-
- test(`includes blob: style-src if env indicates we're running from source`, () => {
- const cspConfig = new CspConfig(createMockEnv({ dist: false }));
-
- expect(cspConfig).toMatchInlineSnapshot(`
- CspConfig {
- "header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src blob: 'unsafe-inline' 'self'",
- "rules": Array [
- "script-src 'unsafe-eval' 'self'",
- "worker-src blob: 'self'",
- "style-src blob: 'unsafe-inline' 'self'",
- ],
- "rulesChangedFromDefault": false,
"strict": true,
"warnLegacyBrowsers": true,
}
diff --git a/src/core/server/csp/csp_config.ts b/src/core/server/csp/csp_config.ts
index 592a7209f4364..bb57702a4a241 100644
--- a/src/core/server/csp/csp_config.ts
+++ b/src/core/server/csp/csp_config.ts
@@ -18,7 +18,6 @@
*/
import { config } from './config';
-import { Env } from '../config';
const DEFAULT_CONFIG = Object.freeze(config.schema.validate({}));
@@ -49,12 +48,6 @@ export interface ICspConfig {
* in a `Content-Security-Policy` header.
*/
readonly header: string;
-
- /**
- * Flag indicating that the configuraion changes the csp
- * rules from the defaults
- */
- readonly rulesChangedFromDefault: boolean;
}
/**
@@ -62,37 +55,23 @@ export interface ICspConfig {
* @public
*/
export class CspConfig implements ICspConfig {
+ static readonly DEFAULT = new CspConfig();
+
public readonly rules: string[];
public readonly strict: boolean;
public readonly warnLegacyBrowsers: boolean;
public readonly header: string;
- public readonly rulesChangedFromDefault: boolean;
/**
* Returns the default CSP configuration when passed with no config
* @internal
*/
- constructor(env: Env, rawCspConfig?: Partial>) {
+ constructor(rawCspConfig: Partial> = {}) {
const source = { ...DEFAULT_CONFIG, ...rawCspConfig };
- this.rules = source.rules.map(rule => {
- // if we receive an env, and it indicates that this isn't a distributable, add `blob:` to the style csp rules
- if (env && !env.packageInfo.dist && rule.startsWith('style-src ')) {
- return rule.replace(/^style-src /, 'style-src blob: ');
- }
-
- return rule;
- });
+ this.rules = source.rules;
this.strict = source.strict;
this.warnLegacyBrowsers = source.warnLegacyBrowsers;
- this.header = this.rules.join('; ');
-
- // only check to see if the csp values are customized when `rawCspConfig` was received.
- if (!rawCspConfig) {
- this.rulesChangedFromDefault = false;
- } else {
- const defaultCsp = new CspConfig(env);
- this.rulesChangedFromDefault = defaultCsp.header !== this.header;
- }
+ this.header = source.rules.join('; ');
}
}
diff --git a/src/core/server/http/http_config.ts b/src/core/server/http/http_config.ts
index b249dbb5b6a04..73f44f3c5ab5c 100644
--- a/src/core/server/http/http_config.ts
+++ b/src/core/server/http/http_config.ts
@@ -22,7 +22,6 @@ import { hostname } from 'os';
import { CspConfigType, CspConfig, ICspConfig } from '../csp';
import { SslConfig, sslSchema } from './ssl_config';
-import { Env } from '../config';
const validBasePathRegex = /(^$|^\/.*[^\/]$)/;
const uuidRegexp = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
@@ -149,7 +148,7 @@ export class HttpConfig {
/**
* @internal
*/
- constructor(rawHttpConfig: HttpConfigType, rawCspConfig: CspConfigType, env: Env) {
+ constructor(rawHttpConfig: HttpConfigType, rawCspConfig: CspConfigType) {
this.autoListen = rawHttpConfig.autoListen;
this.host = rawHttpConfig.host;
this.port = rawHttpConfig.port;
@@ -163,7 +162,7 @@ export class HttpConfig {
this.rewriteBasePath = rawHttpConfig.rewriteBasePath;
this.ssl = new SslConfig(rawHttpConfig.ssl || {});
this.compression = rawHttpConfig.compression;
- this.csp = new CspConfig(env, rawCspConfig);
+ this.csp = new CspConfig(rawCspConfig);
this.xsrf = rawHttpConfig.xsrf;
}
}
diff --git a/src/core/server/http/http_service.mock.ts b/src/core/server/http/http_service.mock.ts
index 7fc2f5d990824..6db1ca80ab437 100644
--- a/src/core/server/http/http_service.mock.ts
+++ b/src/core/server/http/http_service.mock.ts
@@ -21,7 +21,6 @@ import { Server } from 'hapi';
import { CspConfig } from '../csp';
import { mockRouter } from './router/router.mock';
import { configMock } from '../config/config.mock';
-import { createMockEnv } from '../config/env.mock';
import { InternalHttpServiceSetup } from './types';
import { HttpService } from './http_service';
import { OnPreAuthToolkit } from './lifecycle/on_pre_auth';
@@ -62,7 +61,7 @@ const createSetupContractMock = () => {
registerOnPreResponse: jest.fn(),
createRouter: jest.fn().mockImplementation(() => mockRouter.create({})),
basePath: createBasePathMock(),
- csp: new CspConfig(createMockEnv()),
+ csp: CspConfig.DEFAULT,
auth: {
get: jest.fn(),
isAuthenticated: jest.fn(),
diff --git a/src/core/server/http/http_service.ts b/src/core/server/http/http_service.ts
index 8a86667a1a6bc..ae9d53f9fd3db 100644
--- a/src/core/server/http/http_service.ts
+++ b/src/core/server/http/http_service.ts
@@ -70,7 +70,7 @@ export class HttpService implements CoreService(httpConfig.path),
configService.atPath(cspConfig.path),
- ]).pipe(map(([http, csp]) => new HttpConfig(http, csp, env)));
+ ]).pipe(map(([http, csp]) => new HttpConfig(http, csp)));
this.httpServer = new HttpServer(logger, 'Kibana');
this.httpsRedirectServer = new HttpsRedirectServer(logger.get('http', 'redirect', 'server'));
}
diff --git a/src/core/server/http/http_tools.test.ts b/src/core/server/http/http_tools.test.ts
index d552339f1ea1c..c1322a5aa94db 100644
--- a/src/core/server/http/http_tools.test.ts
+++ b/src/core/server/http/http_tools.test.ts
@@ -29,7 +29,6 @@ import { defaultValidationErrorHandler, HapiValidationError, getServerOptions }
import { HttpServer } from './http_server';
import { HttpConfig, config } from './http_config';
import { Router } from './router';
-import { createMockEnv } from '../config/env.mock';
import { loggingServiceMock } from '../logging/logging_service.mock';
import { ByteSizeValue } from '@kbn/config-schema';
@@ -121,8 +120,7 @@ describe('getServerOptions', () => {
certificate: 'some-certificate-path',
},
}),
- {} as any,
- createMockEnv()
+ {} as any
);
expect(getServerOptions(httpConfig).tls).toMatchInlineSnapshot(`
@@ -151,8 +149,7 @@ describe('getServerOptions', () => {
clientAuthentication: 'required',
},
}),
- {} as any,
- createMockEnv()
+ {} as any
);
expect(getServerOptions(httpConfig).tls).toMatchInlineSnapshot(`
diff --git a/src/core/server/legacy/legacy_service.ts b/src/core/server/legacy/legacy_service.ts
index ca1204f0ac05c..0cb717e3832aa 100644
--- a/src/core/server/legacy/legacy_service.ts
+++ b/src/core/server/legacy/legacy_service.ts
@@ -86,7 +86,7 @@ export class LegacyService implements CoreService {
public legacyInternals?: ILegacyInternals;
constructor(private readonly coreContext: CoreContext) {
- const { logger, configService, env } = coreContext;
+ const { logger, configService } = coreContext;
this.log = logger.get('legacy-service');
this.devConfig$ = configService
@@ -95,7 +95,7 @@ export class LegacyService implements CoreService {
this.httpConfig$ = combineLatest(
configService.atPath(httpConfig.path),
configService.atPath(cspConfig.path)
- ).pipe(map(([http, csp]) => new HttpConfig(http, csp, env)));
+ ).pipe(map(([http, csp]) => new HttpConfig(http, csp)));
}
public async discoverPlugins(): Promise {
diff --git a/src/core/server/mocks.ts b/src/core/server/mocks.ts
index 846c2e4d8c507..c0a8973d98a54 100644
--- a/src/core/server/mocks.ts
+++ b/src/core/server/mocks.ts
@@ -33,7 +33,6 @@ import { capabilitiesServiceMock } from './capabilities/capabilities_service.moc
export { httpServerMock } from './http/http_server.mocks';
export { sessionStorageMock } from './http/cookie_session_storage.mocks';
export { configServiceMock } from './config/config_service.mock';
-import { createMockEnv } from './config/env.mock';
export { elasticsearchServiceMock } from './elasticsearch/elasticsearch_service.mock';
export { httpServiceMock } from './http/http_service.mock';
export { loggingServiceMock } from './logging/logging_service.mock';
@@ -98,7 +97,7 @@ function createCoreSetupMock() {
registerOnPostAuth: httpService.registerOnPostAuth,
registerOnPreResponse: httpService.registerOnPreResponse,
basePath: httpService.basePath,
- csp: new CspConfig(createMockEnv()),
+ csp: CspConfig.DEFAULT,
isTlsEnabled: httpService.isTlsEnabled,
createRouter: jest.fn(),
registerRouteHandlerContext: jest.fn(),
diff --git a/src/core/server/server.api.md b/src/core/server/server.api.md
index 629e6a881199b..a179e1f35a937 100644
--- a/src/core/server/server.api.md
+++ b/src/core/server/server.api.md
@@ -583,14 +583,14 @@ export interface CoreStart {
// @public
export class CspConfig implements ICspConfig {
// @internal
- constructor(env: Env, rawCspConfig?: Partial>);
+ constructor(rawCspConfig?: Partial>);
+ // (undocumented)
+ static readonly DEFAULT: CspConfig;
// (undocumented)
readonly header: string;
// (undocumented)
readonly rules: string[];
// (undocumented)
- readonly rulesChangedFromDefault: boolean;
- // (undocumented)
readonly strict: boolean;
// (undocumented)
readonly warnLegacyBrowsers: boolean;
@@ -774,7 +774,6 @@ export type IContextProvider, TContextName
export interface ICspConfig {
readonly header: string;
readonly rules: string[];
- readonly rulesChangedFromDefault: boolean;
readonly strict: boolean;
readonly warnLegacyBrowsers: boolean;
}
diff --git a/src/legacy/core_plugins/kibana/server/lib/csp_usage_collector/csp_collector.test.ts b/src/legacy/core_plugins/kibana/server/lib/csp_usage_collector/csp_collector.test.ts
index 584621a1ce13f..395cb60587832 100644
--- a/src/legacy/core_plugins/kibana/server/lib/csp_usage_collector/csp_collector.test.ts
+++ b/src/legacy/core_plugins/kibana/server/lib/csp_usage_collector/csp_collector.test.ts
@@ -18,8 +18,6 @@
*/
import { CspConfig, ICspConfig } from '../../../../../../core/server';
-// eslint-disable-next-line @kbn/eslint/no-restricted-paths
-import { createMockEnv } from '../../../../../../core/server/config/env.mock';
import { createCspCollector } from './csp_collector';
const createMockKbnServer = () => ({
@@ -27,7 +25,7 @@ const createMockKbnServer = () => ({
setup: {
core: {
http: {
- csp: new CspConfig(createMockEnv()),
+ csp: new CspConfig(),
},
},
},
@@ -38,7 +36,7 @@ describe('csp collector', () => {
let kbnServer: ReturnType;
function updateCsp(config: Partial) {
- kbnServer.newPlatform.setup.core.http.csp = new CspConfig(createMockEnv(), config);
+ kbnServer.newPlatform.setup.core.http.csp = new CspConfig(config);
}
beforeEach(() => {
diff --git a/src/legacy/core_plugins/kibana/server/lib/csp_usage_collector/csp_collector.ts b/src/legacy/core_plugins/kibana/server/lib/csp_usage_collector/csp_collector.ts
index dce4c7fe6fefc..6622ed4bef478 100644
--- a/src/legacy/core_plugins/kibana/server/lib/csp_usage_collector/csp_collector.ts
+++ b/src/legacy/core_plugins/kibana/server/lib/csp_usage_collector/csp_collector.ts
@@ -18,6 +18,7 @@
*/
import { Server } from 'hapi';
+import { CspConfig } from '../../../../../../core/server';
import { UsageCollectionSetup } from '../../../../../../plugins/usage_collection/server';
export function createCspCollector(server: Server) {
@@ -25,11 +26,7 @@ export function createCspCollector(server: Server) {
type: 'csp',
isReady: () => true,
async fetch() {
- const {
- strict,
- warnLegacyBrowsers,
- rulesChangedFromDefault,
- } = server.newPlatform.setup.core.http.csp;
+ const { strict, warnLegacyBrowsers, header } = server.newPlatform.setup.core.http.csp;
return {
strict,
@@ -37,7 +34,7 @@ export function createCspCollector(server: Server) {
// It's important that we do not send the value of csp.header here as it
// can be customized with values that can be identifiable to given
// installs, such as URLs
- rulesChangedFromDefault,
+ rulesChangedFromDefault: header !== CspConfig.DEFAULT.header,
};
},
};
diff --git a/src/legacy/server/status/routes/api/register_status.js b/src/legacy/server/status/routes/api/register_status.js
index 55bf81f2c5f9a..259a00667810f 100644
--- a/src/legacy/server/status/routes/api/register_status.js
+++ b/src/legacy/server/status/routes/api/register_status.js
@@ -18,7 +18,6 @@
*/
import { wrapAuthConfig } from '../../wrap_auth_config';
-import { IS_KIBANA_DISTRIBUTABLE } from '../../../../utils/artifact_type';
const matchSnapshot = /-SNAPSHOT$/;
@@ -36,8 +35,6 @@ export function registerStatusApi(kbnServer, server, config) {
return {
name: config.get('server.name'),
uuid: config.get('server.uuid'),
- // flag to help tests know that kibana is running from source, not included in distributable response
- ...(IS_KIBANA_DISTRIBUTABLE ? {} : { running_from_source: true }),
version: {
number: config.get('pkg.version').replace(matchSnapshot, ''),
build_hash: config.get('pkg.buildSha'),
diff --git a/test/api_integration/apis/general/csp.js b/test/api_integration/apis/general/csp.js
index 38893c371fb52..8c191703070d8 100644
--- a/test/api_integration/apis/general/csp.js
+++ b/test/api_integration/apis/general/csp.js
@@ -21,7 +21,6 @@ import expect from '@kbn/expect';
export default function({ getService }) {
const supertest = getService('supertest');
- const kibanaServer = getService('kibanaServer');
describe('csp smoke test', () => {
it('app response sends content security policy headers', async () => {
@@ -37,12 +36,11 @@ export default function({ getService }) {
})
);
- const isDist = await kibanaServer.status.isDistributable();
const entries = Array.from(parsed.entries());
expect(entries).to.eql([
['script-src', ["'unsafe-eval'", "'self'"]],
['worker-src', ['blob:', "'self'"]],
- ['style-src', [...(isDist ? [] : ['blob:']), "'unsafe-inline'", "'self'"]],
+ ['style-src', ["'unsafe-inline'", "'self'"]],
]);
});
});
diff --git a/x-pack/test/oidc_api_integration/apis/implicit_flow/oidc_auth.ts b/x-pack/test/oidc_api_integration/apis/implicit_flow/oidc_auth.ts
index 87979ca643a19..1f5a64835416a 100644
--- a/x-pack/test/oidc_api_integration/apis/implicit_flow/oidc_auth.ts
+++ b/x-pack/test/oidc_api_integration/apis/implicit_flow/oidc_auth.ts
@@ -15,7 +15,6 @@ import { FtrProviderContext } from '../../ftr_provider_context';
export default function({ getService }: FtrProviderContext) {
const supertest = getService('supertestWithoutAuth');
const config = getService('config');
- const kibanaServer = getService('kibanaServer');
describe('OpenID Connect Implicit Flow authentication', () => {
describe('finishing handshake', () => {
@@ -57,17 +56,12 @@ export default function({ getService }: FtrProviderContext) {
});
await (dom.window as Record).__isScriptExecuted__;
- const isDist = await kibanaServer.status.isDistributable();
// Check that proxy page is returned with proper headers.
expect(response.headers['content-type']).to.be('text/html; charset=utf-8');
expect(response.headers['cache-control']).to.be('private, no-cache, no-store');
expect(response.headers['content-security-policy']).to.be(
- [
- `script-src 'unsafe-eval' 'self';`,
- `worker-src blob: 'self';`,
- `style-src ${isDist ? '' : 'blob: '}'unsafe-inline' 'self'`,
- ].join(' ')
+ `script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'`
);
// Check that script that forwards URL fragment worked correctly.
diff --git a/x-pack/test/saml_api_integration/apis/security/saml_login.ts b/x-pack/test/saml_api_integration/apis/security/saml_login.ts
index d4de4d601a36c..0436d59906ea8 100644
--- a/x-pack/test/saml_api_integration/apis/security/saml_login.ts
+++ b/x-pack/test/saml_api_integration/apis/security/saml_login.ts
@@ -17,7 +17,6 @@ export default function({ getService }: FtrProviderContext) {
const randomness = getService('randomness');
const supertest = getService('supertestWithoutAuth');
const config = getService('config');
- const kibanaServer = getService('kibanaServer');
const kibanaServerConfig = config.get('servers.kibana');
@@ -138,17 +137,12 @@ export default function({ getService }: FtrProviderContext) {
});
await (dom.window as Record).__isScriptExecuted__;
- const isDist = await kibanaServer.status.isDistributable();
// Check that proxy page is returned with proper headers.
expect(response.headers['content-type']).to.be('text/html; charset=utf-8');
expect(response.headers['cache-control']).to.be('private, no-cache, no-store');
expect(response.headers['content-security-policy']).to.be(
- [
- `script-src 'unsafe-eval' 'self';`,
- `worker-src blob: 'self';`,
- `style-src ${isDist ? '' : 'blob: '}'unsafe-inline' 'self'`,
- ].join(' ')
+ `script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'`
);
// Check that script that forwards URL fragment worked correctly.
diff --git a/x-pack/test/saml_api_integration/config.ts b/x-pack/test/saml_api_integration/config.ts
index 1d83f374e966c..6ea29b0d9e56e 100644
--- a/x-pack/test/saml_api_integration/config.ts
+++ b/x-pack/test/saml_api_integration/config.ts
@@ -20,7 +20,6 @@ export default async function({ readConfigFile }: FtrConfigProviderContext) {
testFiles: [require.resolve('./apis')],
servers: xPackAPITestsConfig.get('servers'),
services: {
- kibanaServer: kibanaAPITestsConfig.get('services.kibanaServer'),
randomness: kibanaAPITestsConfig.get('services.randomness'),
legacyEs: kibanaAPITestsConfig.get('services.legacyEs'),
supertestWithoutAuth: xPackAPITestsConfig.get('services.supertestWithoutAuth'),