opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-31 12:42:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

[main] Plugin fixes (#57399)

Browse Source 
* Plugins: Remove support for V1 manifests

* Plugins: Make proxy endpoints not leak sensitive HTTP headers

* Security: Fix do not forward login cookie in outgoing requests

(cherry picked from commit 4539c33fce5ef23badb08ebcbc09cb0cecb1f539)

Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
This commit is contained in:
Marcus Efraimsson
2022-10-21 13:54:55 +02:00
committed by GitHub
parent af17123b5f
commit 6f8fcae01b
20 changed files with 198 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/plugins/manager/loader/loader_test.go
View File

@ -298,7 +298,7 @@ func TestLoader_Load(t *testing.T) {
},
},
{
name: "Load an unsigned plugin with modified signature (production)",
name: "Load a plugin with v1 manifest should return signatureInvalid",
class: plugins.External,
cfg: &config.Cfg{},
pluginPaths: []string{"../testdata/lacking-files"},
@ -306,12 +306,12 @@ func TestLoader_Load(t *testing.T) {
pluginErrors: map[string]*plugins.Error{
"test-datasource": {
PluginID: "test-datasource",
ErrorCode: "signatureModified",
ErrorCode: "signatureInvalid",
},
},
},
{
name: "Load an unsigned plugin with modified signature using PluginsAllowUnsigned config (production) still includes a signing error",
name: "Load a plugin with v1 manifest using PluginsAllowUnsigned config (production) should return signatureInvali",
class: plugins.External,
cfg: &config.Cfg{
PluginsAllowUnsigned: []string{"test-datasource"},
@ -321,7 +321,7 @@ func TestLoader_Load(t *testing.T) {
pluginErrors: map[string]*plugins.Error{
"test-datasource": {
PluginID: "test-datasource",
ErrorCode: "signatureModified",
ErrorCode: "signatureInvalid",
},
},
},