Add server version info to CSP reports (#693)

LabKey · Jan 28, 2024 · 19b240a · 19b240a
1 parent add9029
commit 19b240a
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 237 deletions.
diff --git a/server/bootstrap/src/org/labkey/filters/ContentSecurityPolicyFilter.java b/server/bootstrap/src/org/labkey/filters/ContentSecurityPolicyFilter.java
diff --git a/server/embedded/src/org/labkey/embedded/LabKeyServer.java b/server/embedded/src/org/labkey/embedded/LabKeyServer.java
@@ -5,10 +5,7 @@
 import org.apache.catalina.startup.Tomcat;
 import org.apache.catalina.valves.JsonAccessLogValve;
 import org.apache.tomcat.util.descriptor.web.ContextResource;
-import org.apache.tomcat.util.descriptor.web.FilterDef;
-import org.apache.tomcat.util.descriptor.web.FilterMap;
 import org.labkey.bootstrap.ConfigException;
-import org.labkey.filters.ContentSecurityPolicyFilter;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.context.ApplicationPidFileWriter;
@@ -46,8 +43,6 @@ public class LabKeyServer
     private static final String MAX_WAIT_MILLIS_DEFAULT = "120000";
     private static final String ACCESS_TO_CONNECTION_ALLOWED_DEFAULT = "true";
     private static final String VALIDATION_QUERY_DEFAULT = "SELECT 1";
-    private static final String REPORT_CSP_FILTER_NAME = "ReportContentSecurityPolicyFilter";
-    private static final String ENFORCE_CSP_FILTER_NAME = "EnforceContentSecurityPolicyFilter";
 
     public static void main(String[] args)
     {
@@ -130,11 +125,11 @@ protected TomcatWebServer getTomcatWebServer(Tomcat tomcat)
 
                     if (cspFilterProperties.getEnforce() != null)
                     {
-                        addCSPFilter("enforce", cspFilterProperties.getEnforce(), ENFORCE_CSP_FILTER_NAME ,context);
+                        context.addParameter("csp.enforce", cspFilterProperties.getEnforce());
                     }
                     if (cspFilterProperties.getReport() != null)
                     {
-                        addCSPFilter("report", cspFilterProperties.getReport(), REPORT_CSP_FILTER_NAME, context);
+                        context.addParameter("csp.report", cspFilterProperties.getReport());
                     }
 
                     // Issue 48426: Allow config for desired work directory
@@ -194,23 +189,6 @@ protected TomcatWebServer getTomcatWebServer(Tomcat tomcat)
                 return super.getTomcatWebServer(tomcat);
             }
 
-
-            private void addCSPFilter(String disposition, String policy, String filterName, StandardContext context)
-            {
-                FilterDef filterDef = new FilterDef();
-                filterDef.setFilterName(filterName);
-                filterDef.setFilter(new ContentSecurityPolicyFilter());
-                filterDef.addInitParameter("policy", policy);
-                filterDef.addInitParameter("disposition", disposition);
-
-                FilterMap filterMap = new FilterMap();
-                filterMap.setFilterName(filterName);
-                filterMap.addURLPattern("/*");
-
-                context.addFilterDef(filterDef);
-                context.addFilterMap(filterMap);
-            }
-
             // Issue 48565: allow for JSON-formatted access logs in embedded tomcat
             private void configureJsonAccessLogging(Tomcat tomcat, JsonAccessLog logConfig)
             {