XML Variable Substitution changes "'" to "'" in customHeaders section #6814
Comments
vincent1173
added
Area: Release
Area: AzureAppService
|
@phleebagg , thanks for reporting the issue. This is a limitation we have in the substitution. |
|
I have tried doing so both with a Release scope variable and an environment-specific variable. Neither was applied, leaving the |
|
@phleebagg , To debug the issue, Can you please share the web.config file (mask the secrets) to |
|
Files (web.config before and after substitution) sent. |
|
@phleebagg , it's a genuine issue and we are currently working on the fix. |
|
The use of a config transform would probably work, however I am already using XML variable substitution for connection strings and other values at this time. I'll continue to use a manual edit post-release as a workaround for now. |
|
@phleebagg , the issue is fixed and the fix will be available in upcoming deployment (~3-4 weeks) |
[AGENT_MACHINENAME] --> [factoryvm-az391]
[AGENT_NAME] --> [Hosted Agent]
[AGENT_OS] --> [Windows_NT]
[AGENT_ID] --> [5]
[AGENT_VERSION] --> [2.131.0]
Task: Azure App Service Deploy
Version: 3.3.45
Before transform:
<add name="Content-Security-Policy" value="default-src 'self' 'unsafe-inline' 'unsafe-eval';"/>After transform:
<add name="Content-Security-Policy" value="default-src 'self' 'unsafe-inline' 'unsafe-eval';"/>Edit: Some further clarification:
The above element is in the system.webServers/customHeaders section, which is not accessible via variable substitution (which is fine and as expected).
My expectations were that there would be no modifications to the config beyond the variables being applied. The above changes to the Content-Security-Policy element causes the header to not be included in responses, which is unacceptable.
The text was updated successfully, but these errors were encountered: