diff --git a/cmd/bridge/main.go b/cmd/bridge/main.go index 1fd27be5a1b..c0ef5029ab8 100644 --- a/cmd/bridge/main.go +++ b/cmd/bridge/main.go @@ -156,7 +156,6 @@ func main() { fPluginProxy := fs.String("plugin-proxy", "", "Defines various service types to which will console proxy plugins requests. (JSON as string)") fI18NamespacesFlags := fs.String("i18n-namespaces", "", "List of namespaces separated by comma. Example --i18n-namespaces=plugin__acm,plugin__kubevirt") - fContentSecurityPolicyEnabled := fs.Bool("content-security-policy-enabled", true, "Flag to indicate if Content Secrity Policy features should be enabled.") consoleCSPFlags := serverconfig.MultiKeyValue{} fs.Var(&consoleCSPFlags, "content-security-policy", "List of CSP directives that are enabled for the console. Each entry consist of csp-directive-name as a key and csp-directive-value as a value. Example --content-security-policy script-src='localhost:9000',font-src='localhost:9001'") @@ -346,7 +345,6 @@ func main() { EnabledPluginsOrder: enabledPluginsOrder, I18nNamespaces: i18nNamespaces, PluginProxy: *fPluginProxy, - ContentSecurityPolicyEnabled: *fContentSecurityPolicyEnabled, ContentSecurityPolicy: consoleCSPFlags, QuickStarts: *fQuickStarts, AddPage: *fAddPage, diff --git a/pkg/server/server.go b/pkg/server/server.go index 728f0b4d6d0..586cd53704e 100644 --- a/pkg/server/server.go +++ b/pkg/server/server.go @@ -166,7 +166,6 @@ type Server struct { ClusterManagementProxyConfig *proxy.Config CookieEncryptionKey []byte CookieAuthenticationKey []byte - ContentSecurityPolicyEnabled bool ContentSecurityPolicy serverconfig.MultiKeyValue ControlPlaneTopology string CopiedCSVsDisabled bool @@ -719,18 +718,16 @@ func (s *Server) indexHandler(w http.ResponseWriter, r *http.Request) { panic(err) } - if s.ContentSecurityPolicyEnabled { - cspDirectives, err := utils.BuildCSPDirectives( - s.K8sMode, - s.ContentSecurityPolicy, - indexPageScriptNonce, - r.Header.Get("Test-CSP-Reporting-Endpoint"), - ) - if err != nil { - klog.Fatalf("Error building Content Security Policy directives: %s", err) - } - w.Header().Set("Content-Security-Policy-Report-Only", strings.Join(cspDirectives, "; ")) + cspDirectives, err := utils.BuildCSPDirectives( + s.K8sMode, + s.ContentSecurityPolicy, + indexPageScriptNonce, + r.Header.Get("Test-CSP-Reporting-Endpoint"), + ) + if err != nil { + klog.Fatalf("Error building Content Security Policy directives: %s", err) } + w.Header().Set("Content-Security-Policy-Report-Only", strings.Join(cspDirectives, "; ")) jsg := &jsGlobals{ AddPage: s.AddPage, diff --git a/pkg/serverconfig/config.go b/pkg/serverconfig/config.go index c8cd6be0b80..60368aa236c 100644 --- a/pkg/serverconfig/config.go +++ b/pkg/serverconfig/config.go @@ -178,7 +178,6 @@ func SetFlagsFromConfig(fs *flag.FlagSet, config *Config) (err error) { return err } - addContentSecurityPolicyEnabled(fs, &config.ContentSecurityPolicyEnabled) addContentSecurityPolicy(fs, config.ContentSecurityPolicy) addTelemetry(fs, config.Telemetry) @@ -481,12 +480,6 @@ func addI18nNamespaces(fs *flag.FlagSet, i18nNamespaces []string) { fs.Set("i18n-namespaces", strings.Join(i18nNamespaces, ",")) } -func addContentSecurityPolicyEnabled(fs *flag.FlagSet, enabled *bool) { - if enabled != nil && *enabled { - fs.Set("content-security-policy-enabled", "true") - } -} - func SetIfUnset(flagVal *string, val string) { if len(*flagVal) == 0 { *flagVal = val diff --git a/pkg/serverconfig/types.go b/pkg/serverconfig/types.go index 6150bb82d0d..9a161c93301 100644 --- a/pkg/serverconfig/types.go +++ b/pkg/serverconfig/types.go @@ -13,23 +13,22 @@ import ( // Config is the top-level console server cli configuration. type Config struct { - APIVersion string `yaml:"apiVersion"` - Kind string `yaml:"kind"` - ServingInfo `yaml:"servingInfo"` - ClusterInfo `yaml:"clusterInfo"` - Auth `yaml:"auth"` - Session `yaml:"session"` - Customization `yaml:"customization"` - Providers `yaml:"providers"` - Helm `yaml:"helm"` - MonitoringInfo `yaml:"monitoringInfo,omitempty"` - Plugins MultiKeyValue `yaml:"plugins,omitempty"` - I18nNamespaces []string `yaml:"i18nNamespaces,omitempty"` - Proxy Proxy `yaml:"proxy,omitempty"` - ContentSecurityPolicyEnabled bool `yaml:"contentSecurityPolicyEnabled,omitempty"` - ContentSecurityPolicy map[consolev1.DirectiveType][]string `yaml:"contentSecurityPolicy,omitempty"` - Telemetry MultiKeyValue `yaml:"telemetry,omitempty"` - PluginsOrder []string `yaml:"pluginsOrder,omitempty"` + APIVersion string `yaml:"apiVersion"` + Kind string `yaml:"kind"` + ServingInfo `yaml:"servingInfo"` + ClusterInfo `yaml:"clusterInfo"` + Auth `yaml:"auth"` + Session `yaml:"session"` + Customization `yaml:"customization"` + Providers `yaml:"providers"` + Helm `yaml:"helm"` + MonitoringInfo `yaml:"monitoringInfo,omitempty"` + Plugins MultiKeyValue `yaml:"plugins,omitempty"` + I18nNamespaces []string `yaml:"i18nNamespaces,omitempty"` + Proxy Proxy `yaml:"proxy,omitempty"` + ContentSecurityPolicy map[consolev1.DirectiveType][]string `yaml:"contentSecurityPolicy,omitempty"` + Telemetry MultiKeyValue `yaml:"telemetry,omitempty"` + PluginsOrder []string `yaml:"pluginsOrder,omitempty"` } type Proxy struct {