Content security Policy (CSP) handled from Plugin
Hi Team,
We have developed a plugin (Build Step Plugin) which requires an access to external api, but because of Content security policy user needs to update the internal properties file manually, can you please help us in implementing the ContentSecurityPolicyConfig interface in the plugin itself.
Can you provide the some example of method implementation of
addUnprotectedPath
addDirectiveItems
removeDirectiveItems
We didn't find anything related to this in whole community.
We need to add the following config
teamcity.web.header.Content-Security-Policy.adminUI.protectedValue=frame-ancestors 'self'; connect-src 'self' ws: wss: http://localhost:9001/api/v3/schedules
teamcity.web.header.Content-Security-Policy.protectedValue=frame-ancestors 'self'; connect-src 'self' ws: wss: http://localhost:9001/api/v3/schedules
Please sign in to leave a comment.
Hello! I solved it working directly with the internal.properties file where the content-security-policies are defined.
Using some environment variables and system properties, I managed to find the <TeamCity_Data> directory, and inside the "config" folder where the internal.properties should be.
When running the Teamcity instance on windows, installed as a services, the System.env: "TEAMCITY_DATA_PATH" wasn't asigned, so I figured it out reading the agent.home.dir first, going back to his parent to get the TeamCity_Server directory, and then going inside "conf" folder, and reading the "teamcity-startup.properties" which have the teamcity_data path in there.
I'm leaving my approach below:
Hope this information can help you! I didn't find another approach on this.