6 Commits

Author SHA1 Message Date
82c14e00ce feat: add csp headers for embedded apps (#18374)
I modified the proxy host cache we already had and were using for
websocket csp headers to also include the wildcard app host, then used
those for frame-src policies.

I did not add frame-ancestors, since if I understand correctly, those
would go on the app, and this middleware does not come into play there.
Maybe we will want to add it on workspace apps like we do with cors, if
we find apps are setting it to `none` or something.

Closes https://github.com/coder/internal/issues/684
2025-06-17 09:00:32 -08:00
17ddee05e5 chore: update golang to 1.24.1 (#17035)
- Update go.mod to use Go 1.24.1
- Update GitHub Actions setup-go action to use Go 1.24.1
- Fix linting issues with golangci-lint by:
  - Updating to golangci-lint v1.57.1 (more compatible with Go 1.24.1)

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>

---------

Co-authored-by: Claude <claude@anthropic.com>
2025-03-26 01:56:39 -05:00
8ba05a9052 feat: add switch http(s) button to error page (#12942) 2024-04-26 11:52:53 -04:00
acaa254099 feat: link with protocol on shared ports (#12908) 2024-04-10 09:29:24 -04:00
6bb1a34a37 fix: allow ports in wildcard url configuration (#11657)
* fix: allow ports in wildcard url configuration

This just forwards the port to the ui that generates urls.
Our existing parsing + regex already supported ports for
subdomain app requests.
2024-01-18 09:44:05 -06:00
b246f08d84 chore: move app URL parsing to its own package (#11651)
* chore: move app url parsing to it's own package
2024-01-17 10:41:42 -06:00