Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-13898

outreach content makes requests to external hosts and should only reference Nexus Repository urls instead

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 3.5.0, 3.23.0
    • Fix Version/s: None
    • Component/s: Outreach
    • Story Points:
      1
    • Notability:
      3

      Description

      It is common for organizations to block requests to external sites from an end users web browser. This is the primary reason outreach content is loaded from Nexus itself, instead of having the iframe reach out to the internet by way of the end users web browser.

      The outreach content is dynamic, but as of the original filing date of this ticket I noticed it sends requests to

      https://use.fontawesome.com

      Whether there is a fallback for fonts in case this external request does not work is irrelevant. Include any fonts directly in the content instead.

      In Aug 2020, requests to googleads.g.doubleclick.net were also detected.

      Expected

      Outreach content should not reference external content that does not reside or is accessible through urls on the Nexus server itself.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            plynch Peter Lynch
            Last Updated By:
            Joe Tom Joe Tom
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Date of First Response:

                tigCommentSecurity.panel-title