Plugins: Add Subresource Integrity checks (#93024)

* Plugins: Pass hashes for SRI to frontend * Add SRI hashes to frontendsettings DTOs * Add docstring * TestSriHashes * Fix typo * Changed SriHashes to ModuleHash * update loader_test compareOpts * update ModuleHash error message * Add TestModuleHash/no_module.js * Add omitEmpty to moduleHash * Add ModuleHash to api/plugins/${pluginId}/settings * moved ModuleHash field * feat(plugins): add moduleHash to bootData and plugin types * feat(plugins): if moduleHash is available apply it to systemjs importmap * Calculate ModuleHash for CDN provisioned plugins * Add ModuleHash tests for TestCalculate * adjust test case name * removed .envrc * Fix signature verification failing for internal plugins * fix tests * Add pluginsFilesystemSriChecks feature togglemk * renamed FilesystemSriChecksEnabled * refactor(plugin_loader): prefer extending type declaration over ts-error * added a couple more tests * Removed unused features * Removed unused argument from signature.DefaultCalculator call * Removed unused argument from bootstrap.DefaultConstructFunc * Moved ModuleHash to pluginassets service * update docstring * lint * Removed cdn dependency from manifest.Signature * add tests * fix extra parameters in tests * "fix" tests * removed outdated test * removed unused cdn dependency in signature.DefaultCalculator * reduce diff * Cache returned values * Add support for deeply nested plugins (more than 1 hierarchy level) * simplify cache usage * refactor TestService_ModuleHash_Cache * removed unused testdata * re-generate feature toggles * use version for module hash cache * Renamed feature toggle to pluginsSriChecks and use it for both cdn and filesystem * Removed app/types/system-integrity.d.ts * re-generate feature toggles * re-generate feature toggles * feat(plugins): put systemjs integrity hash behind feature flag --------- Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
2025-07-29 17:02:20 +08:00 · 2024-10-04 14:55:09 +02:00
parent 153036be2e
commit 0db65d229e
46 changed files with 901 additions and 104 deletions
--- a/pkg/plugins/models.go
+++ b/pkg/plugins/models.go
@ -262,6 +262,7 @@ type PluginMetaDTO struct {
 	JSONData
 	Signature                 SignatureStatus `json:"signature"`
 	Module                    string          `json:"module"`
+	ModuleHash                string          `json:"moduleHash,omitempty"`
 	BaseURL                   string          `json:"baseUrl"`
 	Angular                   AngularMeta     `json:"angular"`
 	MultiValueFilterOperators bool            `json:"multiValueFilterOperators"`
@ -314,6 +315,7 @@ type PanelDTO struct {
 	Module          string          `json:"module"`
 	Angular         AngularMeta     `json:"angular"`
 	LoadingStrategy LoadingStrategy `json:"loadingStrategy"`
+	ModuleHash      string          `json:"moduleHash,omitempty"`
 }

 type AppDTO struct {
@ -325,6 +327,7 @@ type AppDTO struct {
 	LoadingStrategy LoadingStrategy `json:"loadingStrategy"`
 	Extensions      Extensions      `json:"extensions"`
 	Dependencies    Dependencies    `json:"dependencies"`
+	ModuleHash      string          `json:"moduleHash,omitempty"`
 }

 const (