Compilation results for cp2044.codfw.wmnet: System changes detected

You can retrieve this result from host.json.

Catalog differences

Summary

Total Resources:	3969
Resources added:	0
Resources removed:	0
Resources modified:	2
Change percentage:	0.05%

Resources modified

File[/usr/share/varnish/tests/upload-frontend.inc.vcl]

Content differences:

--- /usr/share/varnish/tests/upload-frontend.inc.vcl.orig
+++ /usr/share/varnish/tests/upload-frontend.inc.vcl
@@ -580,23 +580,13 @@
         // Restrict uploads from loading external resources across all of upload.w.o (T117618)
         // PDFs require object-src: self
         if ( req.url ~ "(?i)\.pdf$" ) {
-            set resp.http.Content-Security-Policy-Report-Only = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; object-src 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&";
+            set resp.http.Reporting-Endpoints = {"csp-endpoint="https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&""};
+            set resp.http.Content-Security-Policy-Report-Only = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; object-src 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&; report-to csp_endpoint";
             set resp.http.X-Content-Security-Policy-Report-Only = resp.http.Content-Security-Policy-Report-Only;
         } else {
-            set resp.http.Content-Security-Policy-Report-Only = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&";
+            set resp.http.Reporting-Endpoints = {"csp-endpoint="https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&""};
+            set resp.http.Content-Security-Policy-Report-Only = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&; report-to csp_endpoint";
             set resp.http.X-Content-Security-Policy-Report-Only = resp.http.Content-Security-Policy-Report-Only;
-        }
-
-        // Testwiki now in enforce mode
-        if (req.url ~ "^/wikipedia/test") {
-            if ( req.url ~ "(?i)\.pdf$" ) {
-                // PDFs don't like no object-src and sandbox in chrome
-                set resp.http.Content-Security-Policy = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; object-src 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=0&source=image&action=cspreport&format=json&";
-                set resp.http.X-Content-Security-Policy = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; object-src 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=0&source=image&action=cspreport&format=json&";
-            } else {
-                set resp.http.Content-Security-Policy = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=0&source=image&action=cspreport&format=json&";
-                set resp.http.X-Content-Security-Policy = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=0&source=image&action=cspreport&format=json&";
-            }
         }
     }

File[/etc/varnish/upload-frontend.inc.vcl]

Content differences:

--- /etc/varnish/upload-frontend.inc.vcl.orig
+++ /etc/varnish/upload-frontend.inc.vcl
@@ -580,23 +580,13 @@
         // Restrict uploads from loading external resources across all of upload.w.o (T117618)
         // PDFs require object-src: self
         if ( req.url ~ "(?i)\.pdf$" ) {
-            set resp.http.Content-Security-Policy-Report-Only = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; object-src 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&";
+            set resp.http.Reporting-Endpoints = {"csp-endpoint="https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&""};
+            set resp.http.Content-Security-Policy-Report-Only = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; object-src 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&; report-to csp_endpoint";
             set resp.http.X-Content-Security-Policy-Report-Only = resp.http.Content-Security-Policy-Report-Only;
         } else {
-            set resp.http.Content-Security-Policy-Report-Only = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&";
+            set resp.http.Reporting-Endpoints = {"csp-endpoint="https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&""};
+            set resp.http.Content-Security-Policy-Report-Only = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&; report-to csp_endpoint";
             set resp.http.X-Content-Security-Policy-Report-Only = resp.http.Content-Security-Policy-Report-Only;
-        }
-
-        // Testwiki now in enforce mode
-        if (req.url ~ "^/wikipedia/test") {
-            if ( req.url ~ "(?i)\.pdf$" ) {
-                // PDFs don't like no object-src and sandbox in chrome
-                set resp.http.Content-Security-Policy = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; object-src 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=0&source=image&action=cspreport&format=json&";
-                set resp.http.X-Content-Security-Policy = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; object-src 'self'; report-uri https://commons.wikimedia.org/w/api.php?reportonly=0&source=image&action=cspreport&format=json&";
-            } else {
-                set resp.http.Content-Security-Policy = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=0&source=image&action=cspreport&format=json&";
-                set resp.http.X-Content-Security-Policy = "default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; connect-src https://upload.wikimedia.org/favicon.ico; media-src data: 'self'; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=0&source=image&action=cspreport&format=json&";
-            }
         }
     }

Compilation results for cp2044.codfw.wmnet: System changes detected

Catalog differences

Summary

Resources modified

Relevant files