Skip to content

Commit c97b231

Browse files
EmyrkEmyrk
committed
update golden files
1 parent 6388168 commit c97b231

File tree

3 files changed

+20
-0
lines changed

3 files changed

+20
-0
lines changed

cli/testdata/coder_server_--help.golden

+7
Original file line numberDiff line numberDiff line change
@@ -294,6 +294,13 @@ backed by Tailscale and WireGuard.
294294
+ 1`. Use special value 'disable' to turn off STUN completely.
295295

296296
NETWORKING / HTTP OPTIONS:
297+
--additional-csp-policy string-array, $CODER_ADDITIONAL_CSP_POLICY
298+
Coder configures a Content Security Policy (CSP) to protect against
299+
XSS attacks. This setting allows you to add additional CSP directives,
300+
which can open the attack surface of the deployment. Format matches
301+
the CSP directive format, e.g. --additional-csp-policy="script-src
302+
https://example.com".
303+
297304
--disable-password-auth bool, $CODER_DISABLE_PASSWORD_AUTH
298305
Disable password authentication. This is recommended for security
299306
purposes in production deployments that rely on an identity provider.

cli/testdata/server-config.yaml.golden

+6
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,12 @@ networking:
1616
# HTTP bind address of the server. Unset to disable the HTTP endpoint.
1717
# (default: 127.0.0.1:3000, type: string)
1818
httpAddress: 127.0.0.1:3000
19+
# Coder configures a Content Security Policy (CSP) to protect against XSS attacks.
20+
# This setting allows you to add additional CSP directives, which can open the
21+
# attack surface of the deployment. Format matches the CSP directive format, e.g.
22+
# --additional-csp-policy="script-src https://example.com".
23+
# (default: <unset>, type: string-array)
24+
additionalCSPPolicy: []
1925
# The maximum lifetime duration users can specify when creating an API token.
2026
# (default: 876600h0m0s, type: duration)
2127
maxTokenLifetime: 876600h0m0s

enterprise/cli/testdata/coder_server_--help.golden

+7
Original file line numberDiff line numberDiff line change
@@ -295,6 +295,13 @@ backed by Tailscale and WireGuard.
295295
+ 1`. Use special value 'disable' to turn off STUN completely.
296296

297297
NETWORKING / HTTP OPTIONS:
298+
--additional-csp-policy string-array, $CODER_ADDITIONAL_CSP_POLICY
299+
Coder configures a Content Security Policy (CSP) to protect against
300+
XSS attacks. This setting allows you to add additional CSP directives,
301+
which can open the attack surface of the deployment. Format matches
302+
the CSP directive format, e.g. --additional-csp-policy="script-src
303+
https://example.com".
304+
298305
--disable-password-auth bool, $CODER_DISABLE_PASSWORD_AUTH
299306
Disable password authentication. This is recommended for security
300307
purposes in production deployments that rely on an identity provider.

0 commit comments

Comments
 (0)