github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.0] Remove support for configuring csp.rules (#114379)

Browse source 
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
This commit is contained in:
Christiane (Tina) Heiligers 2021-10-11 17:49:21 -07:00 committed by GitHub
parent 6cb91c472d
commit 44c9611bd9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
19 changed files with 54 additions and 603 deletions
Download patch file Download diff file Expand all files Collapse all files

6
docs/migration/migrate_8_0.asciidoc
View file

@ -48,6 +48,12 @@ for example, `logstash-*`.
*Impact:* To allow Kibana to function for these legacy browsers, set `csp.strict: false`. Since this is about enforcing a security protocol, we *strongly discourage* disabling `csp.strict` unless it is critical that you support Internet Explorer 11.
[float]
==== Configuring content security policy rules is no longer supported
*Details:* Configuring `csp.rules` is removed in favor of per-directive specific configuration. Configuring the default `csp.script_src`, `csp.workers_src` and `csp.style_src` values is not required.
*Impact:* Configure per-directive sources instead. See https://github.com/elastic/kibana/pull/102059 for more details.
[float]
==== Default logging timezone is now the system's timezone
*Details:* In prior releases the timezone used in logs defaulted to UTC. We now use the host machine's timezone by default.