feat(api): Update documentation to reflect security header support #8167
Conversation
|
Index
Expect-CT Details
Security Header Exposure
|
|
Going to make a few small tweaks to Report URI box (and fix getDynamicText as its wrong) |
|
|
dcramer
force-pushed
the
feat/security-headers-settings
branch
from
9706b25
to
ed39418
Compare
|
|
||
| componentWillMount() { | ||
| super.componentWillMount(); | ||
| this.props.setProjectNavSection('settings'); |
There was a problem hiding this comment.
This might be needed for old project settings, not sure
There was a problem hiding this comment.
ya I might as well keep it since I kept it elsewhere
|
|
||
| <CodeBlock>{this.getInstructions()}</CodeBlock> | ||
|
|
||
| <TextBlockNoMargin css={{marginTop: 30}}> |
There was a problem hiding this comment.
you can have noMargin as a prop
| return [ | ||
| { | ||
| name: 'Content Security Policy', | ||
| description: 'foo bar', |
| <HeaderName>{name}</HeaderName> | ||
| </Box> | ||
| <Button to={url} priority="primary"> | ||
| Instructions |
| </Panel> | ||
|
|
||
| <Panel> | ||
| <PanelHeader>{'Supported Formats'}</PanelHeader> |
| import ExternalLink from '../../../components/externalLink'; | ||
| import {Panel, PanelBody, PanelHeader} from '../../../components/panels'; | ||
| import PreviewFeature from '../../../components/previewFeature'; | ||
| import ReportURI, {getSecurityDsn} from './reportUri'; |
There was a problem hiding this comment.
casing is inconsistent w/ acronyms
| { | ||
| name: 'Content Security Policy', | ||
| description: 'foo bar', | ||
| url: `/settings/${orgId}/${projectId}/security-headers/csp/`, |
There was a problem hiding this comment.
if this is accessed in old settings, they'll be forwarded to new settings
There was a problem hiding this comment.
how much do we care? what is the other solution?
There was a problem hiding this comment.
You could try recreateRoute('csp/', this.props)
dcramer
force-pushed
the
feat/security-headers-settings
branch
4 times, most recently
from
62d51a7
to
f4e2bb6
Compare
|
Cleaned up a lot of this based on feedback and expanded test coverage |
|
Could we consider adding short form/acronyms to these links:
I ask because I think it's more common to talk about these in terms of their abbreviations instead of the full sentence, e.g. no one's asked us to add "Certificate Transparency" support. I think it would be more clear to someone quickly scanning this page. |
Switch to the new security header reporting endpoint for CSP and expose Expect-CT as a first-class citizen.
dcramer
force-pushed
the
feat/security-headers-settings
branch
from
f4e2bb6
to
0ee6c66
Compare
|
As @mattrobenolt mentioned the other day, we're sitll not fully rendering interfaces here. We'll likely just expose a generic JSON interface for this and simply render the raw key/value bits. Same thing for HPKP support (#8185) |
Switch to the new security header reporting endpoint for CSP and expose Expect-CT as a first-class citizen.
Fixes GH-7005