mirror of
https://github.com/Azure/cosmos-explorer.git
synced 2025-02-22 04:06:21 +00:00
881726e9af
* Changes to DE preview site to support managed identity. Changes to infrastructure to use new preview site. * Fix formatting. * Potential fix for code scanning alert no. 56: Server-side request forgery Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * Use different secrets for subscription/tenant/client id's. * Revert new id names. * Update Az CLI config. * Update to Node 18 and update security vulnerable dependencies. --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
96 lines
3.3 KiB
XML
96 lines
3.3 KiB
XML
<?xml version="1.0"?>
|
|
<configuration>
|
|
<system.webServer>
|
|
<staticContent>
|
|
<mimeMap fileExtension="json" mimeType="application/json" />
|
|
<mimeMap fileExtension="woff" mimeType="application/font-woff" />
|
|
</staticContent>
|
|
<rewrite>
|
|
<rules>
|
|
<rule name="AAD-Redirect" stopProcessing="true">
|
|
<match url="^aad" ignoreCase="true"/>
|
|
<conditions>
|
|
<add input="{HTTP_HOST}" pattern="^cosmos.azure.com" />
|
|
</conditions>
|
|
<action type="Redirect" url="/?feature.enableAadDataPlane=true&feature.disableConnectionStringLogin=true" redirectType="Permanent" />
|
|
</rule>
|
|
</rules>
|
|
<outboundRules>
|
|
<rule name="Strict-Transport-Security" enabled="true">
|
|
<match serverVariable="RESPONSE_Strict_Transport_Security" pattern=".*" />
|
|
<conditions>
|
|
<add input="{HTTPS}" pattern="on" ignoreCase="true" />
|
|
</conditions>
|
|
<action type="Rewrite" value="max-age=31536000; includeSubdomains; preload" />
|
|
</rule>
|
|
</outboundRules>
|
|
</rewrite>
|
|
<httpProtocol>
|
|
<customHeaders>
|
|
<clear />
|
|
<add name="X-Xss-Protection" value="1; mode=block" />
|
|
<add name="X-Content-Type-Options" value="nosniff" />
|
|
<add name="Content-Security-Policy" value="frame-ancestors 'self' portal.azure.com *.portal.azure.com portal.azure.us portal.azure.cn portal.microsoftazure.de df.onecloud.azure-test.net *.fabric.microsoft.com *.powerbi.com *.analysis-df.windows.net dataexplorer-preview.azurewebsites.net" />
|
|
</customHeaders>
|
|
<redirectHeaders>
|
|
<clear />
|
|
</redirectHeaders>
|
|
</httpProtocol>
|
|
</system.webServer>
|
|
<location path="explorer.html">
|
|
<system.webServer>
|
|
<staticContent>
|
|
<clientCache cacheControlMode="DisableCache" />
|
|
</staticContent>
|
|
</system.webServer>
|
|
</location>
|
|
<location path="hostedExplorer.html">
|
|
<system.webServer>
|
|
<staticContent>
|
|
<clientCache cacheControlMode="DisableCache" />
|
|
</staticContent>
|
|
</system.webServer>
|
|
</location>
|
|
<location path="cellOutputViewer.html">
|
|
<system.webServer>
|
|
<staticContent>
|
|
<clientCache cacheControlMode="DisableCache" />
|
|
</staticContent>
|
|
</system.webServer>
|
|
</location>
|
|
<location path="config.json">
|
|
<system.webServer>
|
|
<staticContent>
|
|
<clientCache cacheControlMode="DisableCache" />
|
|
</staticContent>
|
|
</system.webServer>
|
|
</location>
|
|
<location path="mpac/explorer.html">
|
|
<system.webServer>
|
|
<staticContent>
|
|
<clientCache cacheControlMode="DisableCache" />
|
|
</staticContent>
|
|
</system.webServer>
|
|
</location>
|
|
<location path="mpac/hostedExplorer.html">
|
|
<system.webServer>
|
|
<staticContent>
|
|
<clientCache cacheControlMode="DisableCache" />
|
|
</staticContent>
|
|
</system.webServer>
|
|
</location>
|
|
<location path="mpac/cellOutputViewer.html">
|
|
<system.webServer>
|
|
<staticContent>
|
|
<clientCache cacheControlMode="DisableCache" />
|
|
</staticContent>
|
|
</system.webServer>
|
|
</location>
|
|
<location path="mpac/config.json">
|
|
<system.webServer>
|
|
<staticContent>
|
|
<clientCache cacheControlMode="DisableCache" />
|
|
</staticContent>
|
|
</system.webServer>
|
|
</location>
|
|
</configuration> |