kibana

mirror of https://github.com/elastic/kibana.git synced 2025-04-25 02:09:32 -04:00

History

elena-shostak cc50c8dc94 Permissions Policy Reporting (#186892 ) ## Summary 1. Added top-level `permissionsPolicy` configuration setting. 2. Added support for `report_to` directive. 3. Added support for `Permissions-Policy-Report-Only` header to enable reporting mode. 4. The [spec](https://www.w3.org/TR/permissions-policy/#reporting) mentions `featureId` in the reporting body, however the field is `policyId` in Chromium. ## How to test - Add in your `kibana.dev.yml`. ``` server.customResponseHeaders.Reporting-Endpoints: violations-endpoint="https://localhost:5601/kibana/internal/security/analytics/_record_violations" server.securityResponseHeaders.permissionsPolicy: 'microphone=()' server.securityResponseHeaders.permissionsPolicyReportOnly: 'camera=()' ``` - Make sure you have [dev tools configured for Reporting API](https://developer.chrome.com/docs/capabilities/web-apis/reporting-api#use_devtools). - In the browser console invoke `navigator.mediaDevices.getUserMedia({ audio: true, video: true }).catch((e) => {});` - Open Dev Tools -> Application -> Reporting API. You should see 2 reports for permissions violation, one with `report` disposition and another with `enforce` disposition. <img width="1285" alt="Screenshot 2024-06-27 at 13 36 12" src="`3f3da7f6`-f6b0-4f33-9a81-dff3db0ac2b8"> ### Checklist - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) ### Related Issue(s) https://github.com/elastic/kibana/issues/175113, https://github.com/elastic/kibana/issues/184939 ### Release Note Added support for Permissions Policy reporting.		2024-07-04 11:06:33 +02:00
..
images	[DOCS] Updates Canvas with new toolbar (#123418 )	2022-01-26 10:40:36 -06:00
install	[DOCS] Add link to on-prem install tutorial (#176096 )	2024-02-05 10:22:15 -05:00
upgrade	Update saved objects migrations documentation for 8.8.0 (#158241 )	2023-05-23 15:53:52 +02:00
access.asciidoc	(Doc+) Kibana unavailable if backing indices write blocked (#181244 )	2024-05-03 14:19:40 -07:00
configuring-logging.asciidoc	Update configuring-logging.asciidoc (#180835 )	2024-04-19 08:45:59 +02:00
configuring-reporting.asciidoc	[Reporting] update logs and docs on headless browser connection (#179882 )	2024-04-03 08:15:12 -07:00
connect-to-elasticsearch.asciidoc	[DOCS] Update (Enterprise) Search ingestion tool info (#183233 )	2024-05-13 16:57:54 +02:00
docker.asciidoc	Revert "[build/docker] Upgrade Ubuntu base image to 22.04 (#162282 )" (#170430 )	2023-11-02 12:56:17 -05:00
install.asciidoc	[Docs] remove Kibana book-scoped variables (#178676 )	2024-03-14 11:53:33 -04:00
secure-settings.asciidoc	[keystore] Add password support (#180414 )	2024-05-06 10:23:29 -05:00
settings.asciidoc	Permissions Policy Reporting (#186892 )	2024-07-04 11:06:33 +02:00
start-stop.asciidoc	[keystore] Add password support (#180414 )	2024-05-06 10:23:29 -05:00
upgrade.asciidoc	Adds documentation and improves migrations failing on timeouts while waiting for index yellow status (#130352 )	2022-04-21 08:11:39 -07:00