Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(csp): add exceptions for ANDI A11y Tool #8542

Merged
merged 3 commits into from
Sep 4, 2024
Merged

fix(csp): add exceptions for ANDI A11y Tool #8542

merged 3 commits into from
Sep 4, 2024

Conversation

billhimmelsbach
Copy link
Contributor

@billhimmelsbach billhimmelsbach commented Aug 22, 2024
edited
Loading

We helped the ITAP team over in RegTech make some exceptions to our CSP during testing so they could use the ANDI accessibility tool for their accessibility audits, and they were hoping they could also run it on cf.gov. This PR adds the few CSP tweaks they need for the tool to start working.

You can see the current CSP issues by following the "How to test this PR" steps or take a peek at the screenshots.

Closes #8541

Notes and todos

  • Before this comes out of draft I need to...
    • Test this out in a dev environment
    • Have someone from ITAP confirm that it's working as expected
    • Talk to someone from D+D about the Akamai shenanigans that need to be done before this change could go live
    • Checked with Wyatt about the CSP

Additions

  • Add exceptions for ANDI A11y Tool to the CSP
    • ANDI scripts and the jquery version it uses
    • ANDI css styles
    • ANDI images for its icons

How to test this PR

  1. Install the ANDI accessibility tool bookmarklet in your browser using these instructions
  2. Click the ANDI button when on consumerfinance.gov (currently on DEV2)
  3. Does the tool appear and work as expected?

Screenshots

Before
Screenshot 2024-08-22 at 4 56 16 AM

After

Screenshot 2024-08-22 at 4 56 54 AM

@billhimmelsbach
fix(csp): add exceptions for ANDI A11y Tool
d4d90ec 
Changes:
- Add exceptions for ANDI A11y Tool to the Content Security Policy
  - ANDI scripts and the jquery version it uses
  - ANDI css styles
  - ANDI images for its icons
@billhimmelsbach
Merge branch 'main' into bill-8541-add-andi-exceptions-to-csp
daca072
wpears
wpears approved these changes Aug 26, 2024
View reviewed changes
Copy link
Member

@wpears wpears left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The jquery bit is a little unfortunate, but otherwise this looks good to me.

@billhimmelsbach billhimmelsbach marked this pull request as ready for review September 4, 2024 21:49
@billhimmelsbach billhimmelsbach added this pull request to the merge queue Sep 4, 2024
Merged via the queue into main with commit baaeda9 Sep 4, 2024
12 checks passed
@billhimmelsbach billhimmelsbach deleted the bill-8541-add-andi-exceptions-to-csp branch September 4, 2024 22:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wpears wpears wpears approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add ANDI accessibility tool exceptions to the CSP
2 participants
@billhimmelsbach @wpears