Skip to content

Pull Request for Fix/clickjacking vulnerability #311

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
atharv02-git wants to merge 15 commits into from
Closed

Pull Request for Fix/clickjacking vulnerability #311

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
ce37bf2
fix: correct ability to edit teaching periods
macite Feb 20, 2025
7daacd1
fix: ensure an old grade is present in portfolio assessment
macite Feb 20, 2025
3479b7a
fix: ensure overseer images can be edited
macite Feb 25, 2025
34beff4
chore(release): 8.0.35
macite Feb 28, 2025
72c89b3
fix: overseer image admin in unit and task
macite Mar 6, 2025
8a0ca1c
chore: add proxy for running in dev using compose
macite Mar 6, 2025
d224680
chore(release): 8.0.36
macite Mar 7, 2025
a1e4d71
fix: ensure overseer download get resources zip
macite Mar 10, 2025
907c0ce
Merge branch '8.0.x' of https://github.com/macite/doubtfire-web into …
macite Mar 10, 2025
54ac924
chore(release): 8.0.37
macite Mar 10, 2025
5141529
feat: add option for institution logo
macite Mar 16, 2025
e065c46
fix: reply to position and wrapping
macite Mar 20, 2025
92ecdfb
chore: remove unused old angular tools
macite Mar 20, 2025
f705851
wip: committing package.json files before reviewing visualisation-ser…
atharv02-git Apr 2, 2025
c73e594
commented headers for content security policy in nginx
atharv02-git Apr 19, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,29 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

### [8.0.37](https://github.com/macite/doubtfire-deploy/compare/v8.0.36...v8.0.37) (2025-03-10)


### Bug Fixes

* ensure overseer download get resources zip ([a1e4d71](https://github.com/macite/doubtfire-deploy/commit/a1e4d71b34733bc53cd2cfa63ee1e70f8f43386f))

### [8.0.36](https://github.com/macite/doubtfire-deploy/compare/v8.0.35...v8.0.36) (2025-03-07)


### Bug Fixes

* overseer image admin in unit and task ([72c89b3](https://github.com/macite/doubtfire-deploy/commit/72c89b30cca426d56c7efbbac34e00fd734fe714))

### [8.0.35](https://github.com/macite/doubtfire-deploy/compare/v8.0.34...v8.0.35) (2025-02-28)


### Bug Fixes

* correct ability to edit teaching periods ([ce37bf2](https://github.com/macite/doubtfire-deploy/commit/ce37bf27689744a6f43be46912be0d14e2cdbc6b))
* ensure an old grade is present in portfolio assessment ([7daacd1](https://github.com/macite/doubtfire-deploy/commit/7daacd1bf0af050aeb6db503d963e574f68b9a94))
* ensure overseer images can be edited ([3479b7a](https://github.com/macite/doubtfire-deploy/commit/3479b7af589b9ba986ddbb7dc8a84fd0be3e66e6))

### [8.0.34](https://github.com/macite/doubtfire-deploy/compare/v8.0.33...v8.0.34) (2025-02-12)


Expand Down
4 changes: 2 additions & 2 deletions nginx.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ http {
root /usr/share/nginx/html/;
index index.html;
listen 80;

add_header Content-Security-Policy "default-src https: 'unsafe-inline' 'unsafe-eval' blob: data: ws:" always;
# Commenting out add_headers here so that it won't create over-ride conflict with the security headers mentioned in proxy-nginx.conf
# add_header Content-Security-Policy "default-src https: 'unsafe-inline' 'unsafe-eval' blob: data: ws:" always;
# add_header Feature-Policy "microphone=(self),speaker=(self),fullscreen=(self),payment=(none);" always;
add_header Permissions-Policy "microphone=(self),speaker=(self),fullscreen=(self),payment=(none)" always;

Expand Down
Loading