Headers middleware: support Content-Security-Policy-Report-Only

2024-06-07 10:24:04 +03:00 · 2024-06-07 10:24:04 +03:00 · b37aaea36d
commit b37aaea36d
parent 67f0700377
17 changed files with 116 additions and 66 deletions
--- a/docs/content/reference/dynamic-configuration/docker-labels.yml
+++ b/docs/content/reference/dynamic-configuration/docker-labels.yml
@ -55,6 +55,7 @@
 - "traefik.http.middlewares.middleware12.headers.allowedhosts=foobar, foobar"
 - "traefik.http.middlewares.middleware12.headers.browserxssfilter=true"
 - "traefik.http.middlewares.middleware12.headers.contentsecuritypolicy=foobar"
+- "traefik.http.middlewares.middleware12.headers.contentsecuritypolicyreportonly=foobar"
 - "traefik.http.middlewares.middleware12.headers.contenttypenosniff=true"
 - "traefik.http.middlewares.middleware12.headers.custombrowserxssvalue=foobar"
 - "traefik.http.middlewares.middleware12.headers.customframeoptionsvalue=foobar"
--- a/docs/content/reference/dynamic-configuration/file.toml
+++ b/docs/content/reference/dynamic-configuration/file.toml
@ -198,6 +198,7 @@
        browserXssFilter = true
        customBrowserXSSValue = "foobar"
        contentSecurityPolicy = "foobar"
+        contentSecurityPolicyReportOnly = "foobar"
        publicKey = "foobar"
        referrerPolicy = "foobar"
        permissionsPolicy = "foobar"
--- a/docs/content/reference/dynamic-configuration/file.yaml
+++ b/docs/content/reference/dynamic-configuration/file.yaml
@ -242,6 +242,7 @@ http:
        browserXssFilter: true
        customBrowserXSSValue: foobar
        contentSecurityPolicy: foobar
+        contentSecurityPolicyReportOnly: foobar
        publicKey: foobar
        referrerPolicy: foobar
        permissionsPolicy: foobar
--- a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
+++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
@ -1309,6 +1309,10 @@ spec:
                    description: ContentSecurityPolicy defines the Content-Security-Policy
                      header value.
                    type: string
+                  contentSecurityPolicyReportOnly:
+                    description: ContentSecurityPolicyReportOnly defines the Content-Security-Policy-Report-Only
+                      header value.
+                    type: string
                  contentTypeNosniff:
                    description: ContentTypeNosniff defines whether to add the X-Content-Type-Options
                      header with the nosniff value.
--- a/docs/content/reference/dynamic-configuration/kv-ref.md
+++ b/docs/content/reference/dynamic-configuration/kv-ref.md
@ -71,6 +71,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
 | `traefik/http/middlewares/Middleware12/headers/allowedHosts/1` | `foobar` |
 | `traefik/http/middlewares/Middleware12/headers/browserXssFilter` | `true` |
 | `traefik/http/middlewares/Middleware12/headers/contentSecurityPolicy` | `foobar` |
+| `traefik/http/middlewares/Middleware12/headers/contentSecurityPolicyReportOnly` | `foobar` |
 | `traefik/http/middlewares/Middleware12/headers/contentTypeNosniff` | `true` |
 | `traefik/http/middlewares/Middleware12/headers/customBrowserXSSValue` | `foobar` |
 | `traefik/http/middlewares/Middleware12/headers/customFrameOptionsValue` | `foobar` |
--- a/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml
+++ b/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml
@ -585,6 +585,10 @@ spec:
                    description: ContentSecurityPolicy defines the Content-Security-Policy
                      header value.
                    type: string
+                  contentSecurityPolicyReportOnly:
+                    description: ContentSecurityPolicyReportOnly defines the Content-Security-Policy-Report-Only
+                      header value.
+                    type: string
                  contentTypeNosniff:
                    description: ContentTypeNosniff defines whether to add the X-Content-Type-Options
                      header with the nosniff value.