84de15568a
website: revise full development environment instructions ( #12638 )
...
* website: revise full development environment instructions
Updates the full development environment instructions to make it clear you *will* need both
Docker and Golangci-Lint installed.
Adds the `poetry-plugin-shell` requirement, now that Poetry requires it.
Updates the per-platform development environment requirements to have a Linux-specific section,
and update the MacOS section to include poetry-plugin-shell and golangci-lint
Moves the instructions on what to do before committing to the bottom of the document; its location
was confusing and didn't clarify what steps were to be taken in what order.
Includes the instruction that, for a first-time run, you must run `make migrate` and `make gen` or
the TS-API won't be built, and in turn the WebUI build would otherwise fail.
We still need instructions for Windows.
* Prettier had opinions.
* Format error: "macOS," not "MacOS"
* Fixed some typos and cleaned up some prompts.
* Fixed 'under windows' -> 'on Windows'
2025-01-10 12:53:05 -08:00
6c0d462410
release: 2024.12.2 ( #12615 )
2025-01-09 20:38:27 +01:00
9dc2c26ba9
website/docs: prepare 2024.12.2 release notes ( #12614 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-01-09 17:42:29 +01:00
bb7338f5c1
website/docs: update customer portal ( #12603 )
...
* add note about license to access Support center
* more tweaks
* polish
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2025-01-08 18:34:44 -06:00
f949141d03
website/docs: policy for email whitelist: modernize ( #12558 )
...
* website/docs: policy for email whitelist: revamp
Updates the documentation to add an expression for source authentication. Then, it fixes the existing expression to work with authentik 2024.12.1 . Finally, the documentation page it-self is cleaned up and touched up.
Signed-off-by: 4d62 <github-user@sdko.org >
* website/docs: policy for email whitelist: lowercase title
Sets the title back to being lowercase, oops
Signed-off-by: 4d62 <github-user@sdko.org >
* website/docs: customize: whatever-title-i-put-before: lint
Lints the code with prettier.
* remind me to not run npx prettier --write website/docs/
* suggestions
* Update website/docs/customize/policies/expression/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: 4d62 <git@sdko.org >
* Update website/docs/customize/policies/expression/whitelist_email.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
---------
Signed-off-by: 4d62 <github-user@sdko.org >
Signed-off-by: 4d62 <git@sdko.org >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2025-01-08 23:11:31 +00:00
646d133c30
lib: add expression helper ak_create_jwt to create JWTs ( #12599 )
...
* lib: add expression helper ak_create_jwt to create JWTs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lookup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-01-08 18:28:35 +01:00
f83fab214b
website/docs: fix Nginx redirection example ( #12561 )
...
Fix Nginx redirection
Signed-off-by: DanteMS <DanteMS@users.noreply.github.com >
2025-01-06 14:54:25 -06:00
943fd6b78b
website/user-sources Fix Free IPA docs page ( #12549 )
2025-01-06 12:10:29 +00:00
42766e13da
website/integrations: update preparation placeholder ( #12507 )
...
Updates the preparation placeholder everywherefollowing the review comment at https://github.com/goauthentik/authentik/pull/12476#discussion_r1898547435
2024-12-30 16:15:24 -06:00
3eaaa35a4c
release: 2024.12.1 ( #12466 )
2024-12-23 20:51:05 +01:00
c82b79f10f
website/docs: 2024.12.1 release notes ( #12462 )
...
* website/docs: 2024.12.1 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-23 14:08:02 +01:00
3367ac0e08
root: backport version bump ( #12426 )
2024-12-19 21:27:13 +01:00
d5ea0ffdc6
website/docs: add content about bindings ( #11787 )
...
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2024-12-19 20:35:20 +01:00
0db1e52f90
website/docs: add new section about impersonation ( #12328 )
...
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-12-19 19:58:58 +01:00
3e8620b686
website/docs: prepare for 2024.12.0 ( #12420 )
2024-12-19 18:17:14 +00:00
6687ffc6d2
root: expose CONN_MAX_AGE, CONN_HEALTH_CHECKS and DISABLE_SERVER_SIDE_CURSORS for PostgreSQL config ( #10159 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2024-12-19 17:44:18 +00:00
f06534cdf0
website/docs: release: 2024.12: add latest changes ( #12397 )
2024-12-18 18:35:07 +00:00
c8711d9f8f
website/docs: 2024.12 release notes ( #12300 )
...
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2024-12-18 13:39:17 +00:00
40a7135c0c
core: app entitlements ( #12090 )
...
* core: initial app entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* base off of pbm
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests and oauth2
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add to proxy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rewrite to use bindings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make policy bindings form and list more customizable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* double fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refine permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add missing rbac modal to app entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* separate scope for app entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include entitlements mapping in proxy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add API validation to prevent policies from being bound to entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make preview
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add initial docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove duplicate docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-18 14:32:44 +01:00
98b5b75f29
blueprints: add AtIndex tag ( #12386 )
2024-12-18 13:10:37 +00:00
c436205e3d
website/docs: miscellaneous fixes ( #12351 )
...
* website/docs: miscellaneous fixes
* restore trailing space in signature delimiter
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
* add link to Brands
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
* fix inaccuracies
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-12-18 00:31:07 +01:00
190cb33f8e
website/docs: reverse proxies: add backlink to trusted_proxy_cidrs config ( #12364 )
2024-12-17 12:21:04 +01:00
4b5e66f9eb
website/docs: add 2024.12+ badge to redirect stage features ( #12346 )
...
add `2024.12+` badge to redirect stage features
2024-12-13 01:11:29 +00:00
ff504a3b80
stages/redirect: create redirect stage ( #12275 )
...
* create redirect stage
* show "keep context" toggle in Flow mode only
* fix typos
* add docs
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
* simplify property pass
* simplify toggle
* remove `print` statements
whoops
* fix typo
* remove default from `RedirectStage.mode`
* remove migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* oops
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* adjust docs
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-12-12 18:00:09 +01:00
deacc17832
sources/kerberos: add kadmin type setting, provide additional context to property mappings ( #12286 )
2024-12-12 13:25:43 +01:00
ddd3b0557e
website/docs: fix typo in device code auth example ( #12331 )
2024-12-12 09:47:57 +01:00
e5dd923333
release: 2024.10.5 ( #12319 )
...
* release: 2024.10.5
* manually bump aws version
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-10 19:20:01 +01:00
29f53fd3a4
website/docs: update and rearchitect the oauth2 provider docs ( #11916 )
...
* new topics
* update diagram
* more writing and sidebar entries
* fix file name
* more link fixes
* fix header level
* Optimised images with calibre/image-actions
* rewrite stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* reorganize more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* messed w/ diagram and added 3 categories
* fixed anchor
* removed whole line
* add link
* more rearrangements
* more content
* edits
* more polishes, rest of Jens' knowledge dump
* more content
* tweaks
* tweak
* argh
* synch with main
* tweaks to test merge
* cleanup
* offline_access
* polish
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-12-10 12:03:07 -06:00
cbe5a0d2c8
website/docs: update 2024.10.5 release notes ( #12318 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-10 18:19:58 +01:00
83edb0dcb8
website/docs: prepare 2024.10.5 release notes ( #12309 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-10 14:15:24 +01:00
81ae02e623
enterprise: allow deletion/modification of users when in read-only mode ( #12289 )
...
* enterprise: allow deletion/modification of users when in read-only mode
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually 10.5+
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-12-10 13:07:50 +01:00
a117918cd6
website/docs: add page about the Cobalt pentest ( #12249 )
...
* draft for collab
* links
* added link to see all audits
* corrections and fix explanations
Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com >
---------
Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: Fletcher Heisler <fheisler@users.noreply.github.com >
2024-12-09 07:57:34 -06:00
84bc0b6fdd
website/docs: fix lint ( #12287 )
2024-12-06 20:09:16 +00:00
b75672ff0e
website/docs: Update Traefik middleware example to reflect latest version of Traefik ( #12267 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-12-05 18:09:13 +00:00
19488b7b9e
providers/oauth2: Add provider federation between OAuth2 Providers ( #12083 )
...
* rename + add field
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refactor
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework source cc tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-migrate
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-12-03 11:57:10 +02:00
fda6054285
website/docs: install: add aws ( #12082 )
2024-12-01 15:43:14 +00:00
f9e8138be3
providers/oauth2: allow m2m for JWKS without alg in keys ( #12196 )
...
* providers/oauth2: allow m2m for JWKS without alg in keys
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-11-27 19:01:40 +01:00
d69322ac68
website/docs: update procedurals for assigning roles to groups ( #12198 )
...
* update for dual-select
* add new dual-select unit and tweaks
* polishes
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2024-11-27 08:27:44 -06:00
3996bdac33
website: Bump prettier from 3.3.3 to 3.4.1 in /website ( #12205 )
...
* website: Bump prettier from 3.3.3 to 3.4.1 in /website
Bumps [prettier](https://github.com/prettier/prettier ) from 3.3.3 to 3.4.1.
- [Release notes](https://github.com/prettier/prettier/releases )
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prettier/prettier/compare/3.3.3...3.4.1 )
---
updated-dependencies:
- dependency-name: prettier
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* update formatting
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* sigh
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* disable flaky test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-11-27 15:14:19 +01:00
1daa5315d7
website/docs: Add note about single group per role ( #12169 )
...
This change adds an admonition to document the fact that every role can only ever be assigned to a single group at the same time. Since this is surprising based on a traditional understanding of role-based models, I've decided to make this a `:::warning`.
I'm undecided on the best place for this information, but for now, decided on putting it into the context of the action that can fail: assigning a role to a group.
While this does not close the issue, it documents this behavior to at least address the "needs documentation" aspect of #10983 .
Signed-off-by: Zuri Klaschka <pklaschka@users.noreply.github.com >
2024-11-26 10:23:29 -06:00
709e413e46
website/docs: Fix documentation about attribute merging for indirect membership ( #12168 )
...
While for role memberships, it is true that they are only applied for _direct_ memberships, this does not appear to be the case for attributes (which is good as this also follows the "Hierarchy" system documented in the same file).
In terms of the implementation, this is the case due to the call to `all_groups()` in 3d5a189fa7/authentik/core/models.py (L312-L313)https://github.com/goauthentik/authentik/pull/6017 . Looking through the files in there, it is clear that this line in the documentation is from before that point: 95e60a035d/website/docs/user-group/group.md (L15)#6017 , but is now out of date. This change fixes that.
Signed-off-by: Zuri Klaschka <pklaschka@users.noreply.github.com >
2024-11-26 09:51:01 -06:00
5e72ec9c0c
root: support running authentik in subpath ( #8675 )
...
* initial subpath support
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make outpost compatible
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix static files somewhat
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix most static stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix most web links
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix websocket
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix URL for static files
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add root redirect for subpath
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set cookie path
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update internal/config/struct.go
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens L. <jens@beryju.org >
* fix sfe
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump required version
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flow background
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint and some more links
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix impersonate
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Jens L. <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-11-26 15:38:23 +01:00
6c1ad982a1
website/docs: Fix CSP syntax ( #12124 )
...
Fix CSP syntax
Scheme sources need to not have quotes https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#scheme-source
Signed-off-by: Felix Schäfer <felix.schaefer@tu-dortmund.de >
2024-11-25 18:58:44 +01:00
1c5d61209e
website/docs: update info about footer links to match new UI ( #12120 )
...
* edit to match new UI
* polished text
* more tweaks
* additional sentence about Flow Executor and link to docs
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2024-11-21 14:14:15 -06:00
5fd1cdbb49
website/docs: prepare release notes ( #12142 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-21 19:11:22 +01:00
7f224cbfea
website/docs: prepare release notes ( #12119 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-21 15:06:17 +01:00
85bb638243
security: fix CVE 2024 52289 ( #12113 )
...
* initial migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix loading
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start dynamic ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add serialize
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add error message handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix/add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prepare docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate to new input
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-21 14:46:43 +01:00
5ea4580884
security: fix CVE 2024 52307 ( #12115 )
...
* security: fix CVE-2024-52307
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-21 14:24:28 +01:00
e9c29e1644
security: fix CVE 2024 52287 ( #12114 )
...
* security: CVE-2024-52287
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-21 14:22:46 +01:00
a9b3a4cf25
website/docs: add CSP to hardening ( #11970 )
...
* add CSP to hardening
* re-word docs
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
* fix typo
* use the correct term "location" instead of "origin" in CSP docs
* reword docs
* add comments to permissive CSP directives
* add warning about overwriting existing CSP headers
---------
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-11-21 14:20:04 +01:00
