Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: kafkaflow admin dashboard vulnerabilities #536

Merged
merged 1 commit into from
Mar 8, 2024
Merged

fix: kafkaflow admin dashboard vulnerabilities #536

merged 1 commit into from
Mar 8, 2024

Conversation

JoaoRodriguesGithub
Copy link
Contributor

Description

This PR solves the following KafkaFlow.Admin.Dashboard vulnerabilities:

How Has This Been Tested?

  1. Changed environment.ts to http://localhost:63128/kafkaflow
  2. Added the following CORS on KafkaFlow.Sample.Dashboard
const string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";

services.AddCors(c =>
{
    c.AddPolicy(MyAllowSpecificOrigins, options =>
    options.AllowAnyMethod()
            .AllowAnyHeader()
            .SetIsOriginAllowed(origin => true)
            .AllowCredentials());
});

public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IHostApplicationLifetime lifetime)
{
    app
        .UseRouting()
        .UseCors(MyAllowSpecificOrigins)
        .UseEndpoints(endpoints => { endpoints.MapControllers(); })
        .UseKafkaFlowDashboard();
}
  1. Run ng serve --open for the client app and also run KafkaFlow.Sample.Dashboard
  2. Navigate to the following endpoint: http://localhost:4200/kafkaflow/

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have added tests to cover my changes
  • I have made corresponding changes to the documentation

Disclaimer

By sending us your contributions, you are agreeing that your contribution is made subject to the terms of our Contributor Ownership Statement

ailtonguitar
ailtonguitar reviewed Mar 8, 2024
View reviewed changes
Copy link
Contributor

@ailtonguitar ailtonguitar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please, generate the dist folder and commit the changes

@JoaoRodriguesGithub
Copy link
Contributor Author

JoaoRodriguesGithub commented Mar 8, 2024
edited
Loading

Please, generate the dist folder and commit the changes

@ailtonguitar, I have this PR #538 with the updated dist folder.

Can i follow with this one then?

@JoaoRodriguesGithub JoaoRodriguesGithub force-pushed the fix/kafkaflow-admin-dashboard-vulnerabilities branch from 0a8bab0 to 4ad3e51 Compare March 8, 2024 17:12
@JoaoRodriguesGithub JoaoRodriguesGithub merged commit 0beaf75 into master Mar 8, 2024
3 checks passed
@JoaoRodriguesGithub JoaoRodriguesGithub deleted the fix/kafkaflow-admin-dashboard-vulnerabilities branch March 8, 2024 17:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ruiqbarbosa ruiqbarbosa ruiqbarbosa approved these changes

@brmagadutra brmagadutra brmagadutra approved these changes

@kikofps kikofps kikofps approved these changes

@ailtonguitar ailtonguitar ailtonguitar approved these changes

@joelfoliveira joelfoliveira Awaiting requested review from joelfoliveira

@simaoribeiro simaoribeiro Awaiting requested review from simaoribeiro

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@JoaoRodriguesGithub @ailtonguitar @kikofps @brmagadutra @ruiqbarbosa