Enable users to monitor their created content security policies for the most common issues #15

@azasypkin

Summary

Currently, we only allow users to create, store, and deploy content security policies. We don't provide any capabilities to help them ensure that the policies are correctly deployed and remain correct throughout their entire lifespan.

There are several common issues with CSP that we can potentially check for: non-unique nonces, deprecated directives, unexpected changes in the deployed policy, or unintentionally removed policies. Here's how we can display this information in the Secutils.dev UI:

Prerequisites

  • We need a way for users to specify the email address we'll use to report detected issues. Later, we can add Slack/messenger integrations.
  • We need a "cron job"-like module to perform periodic checks.
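
The checks named in the summary (reused nonces, deprecated directives, a changed policy, a removed policy), sketched as an added example that is not Secutils.dev code. The function names, the deprecated-directive list and the sample headers are assumptions constructed for illustration.

```python
import re

# Assumption: this example's list of directives deprecated or removed from the CSP spec.
DEPRECATED = {"report-uri", "block-all-mixed-content", "plugin-types", "referrer"}
NONCE = re.compile(r"'nonce-([A-Za-z0-9+/_=-]+)'")

def parse_csp(header):
    """Split a policy into {directive: [values]}; a repeated directive is ignored."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens:
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

def normalize(header):
    """Mask nonce values and sort sources so a fresh nonce is not reported as a change."""
    return {d: sorted(NONCE.sub("'nonce-*'", v) for v in vals)
            for d, vals in parse_csp(header).items()}

def check_csp(expected, responses):
    """Compare the saved policy with CSP headers from consecutive fetches (None = header absent)."""
    issues, seen_nonces = [], set()
    for i, header in enumerate(responses):
        if header is None:
            issues.append((i, "policy-removed"))
            continue
        for name in sorted(parse_csp(header).keys() & DEPRECATED):
            issues.append((i, f"deprecated-directive:{name}"))
        if normalize(header) != normalize(expected):
            issues.append((i, "policy-changed"))
        nonces = set(NONCE.findall(header))
        if nonces & seen_nonces:
            issues.append((i, "nonce-reused"))
        seen_nonces |= nonces
    return issues

# Constructed sample data: the saved policy and four periodic fetches of the deployed page.
EXPECTED = "default-src 'self'; script-src 'self' 'nonce-PLACEHOLDER'"
RESPONSES = [
    "default-src 'self'; script-src 'self' 'nonce-r4nd0mA1'",
    "default-src 'self'; script-src 'self' 'nonce-r4nd0mA1'",
    "default-src 'self'; script-src 'self' 'unsafe-inline' 'nonce-Zk9xQ2'; report-uri /csp",
    None,
]

if __name__ == "__main__":
    for fetch, issue in check_csp(EXPECTED, RESPONSES):
        print(f"fetch {fetch}: {issue}")
```

Nonce values are masked before comparison, so a correctly rotating nonce never triggers the change alert, while the same value appearing in two fetches does trigger the reuse alert.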


    Status

    📋 Not started
