Skip to content

feat: Implement comprehensive security headers service…) #1260

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Sep 28, 2025
Merged

feat: Implement comprehensive security headers service…) #1260

merged 12 commits into from
Sep 28, 2025

Conversation

@kumy
Copy link
Member

@kumy kumy commented Sep 28, 2025

No description provided.

@github-actions
Copy link

github-actions bot commented Sep 28, 2025

Robot Framework reports

kumy added 4 commits September 28, 2025 12:44
@kumy
fix: improve Docker dev environment setup
7b66df5 
- Add git safe directory config to Dockerfile
- Add vendor dependency installation check in entrypoint
- Handle dev/prod environment differences for composer install
@kumy
feat: consolidate CORS logic into SecurityHeaders service
569d877 
- Move allowed origins configuration to SecurityHeaders
- Add applyCorsHeaders method for basic CORS support
- Add applyCorsCredentialsHeaders method for authenticated requests
- Centralize CORS logic for better maintainability
@kumy
refactor: improve middleware organization and reduce duplication
57bb3dd 
- Add applySecurityWithCors helper function
- Remove duplicate CORS logic in favor of SecurityHeaders service
- Fix invalid '*' pattern to 'GET|HEAD|POST|PUT|OPTIONS /*'
- Improve code organization with logical grouping
- Add descriptive comments for middleware sections
@kumy
fix: resolve CSP violations for Crowdin inline translation
3fd2f74 
- Add 'unsafe-hashes' to script-src for jQuery event handlers
- Add script-src-attr 'unsafe-hashes' for inline event handlers
- Include crowdin-static.cf-downloads.crowdin.com for avatar images
- Allow Crowdin blob workers and child sources for inline translation
- Fixes CSP blocking of Crowdin functionality in inline-translation mode
@kumy kumy force-pushed the feature/security-headers-implementation branch from 0a2a312 to 3fd2f74 Compare September 28, 2025 11:20
kumy added 6 commits September 28, 2025 14:13
@kumy
fix: update CSP directives for Crowdin worker compatibility
7719ea6 
- Remove Base parameter dependencies from SecurityHeaders methods
- Ensure worker-src allows Crowdin blob workers in inline translation mode
- Maintain compatibility with existing CSP structure
@kumy
refactor: update Makefile to use pre-commit for checks
0ee5460 
- Replace individual check commands with pre-commit integration
- Add PHP_CS_FIXER_IGNORE_ENV to handle PHP 8.4 compatibility
- Create unified test target for easier CI/CD integration
- Maintain backward compatibility with existing targets
@kumy
fix: consolidate RUN instructions in Dockerfile
26a5d53 
- Combine git config and composer install commands into single RUN instruction
- Resolves hadolint DL3059 linting warning about consecutive RUN commands
- Reduces Docker image layers for better build efficiency
@kumy
fixup! refactor: improve middleware organization and reduce duplication
891ce77
@kumy
dependencies: Bump friendsofphp/php-cs-fixer
f2d8979
@kumy
chore: Automatic php-cs-fixer updates
ae4690a
@kumy kumy added this pull request to the merge queue Sep 28, 2025
Merged via the queue into main with commit 1b59588 Sep 28, 2025
18 checks passed
@kumy kumy deleted the feature/security-headers-implementation branch September 28, 2025 13:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kumy