Merge pull request #3965 from open-formulieren/fix/3950-add-csp-eherk…

…enning

[#3950] Add CSP headers eHerkenning

src/openforms/contrib/digid_eherkenning/constants.py

@@ -2,5 +2,5 @@
 
 ADDITIONAL_CSP_VALUES = {
     DigidConfiguration: "https://digid.nl https://*.digid.nl",
-    EherkenningConfiguration: "",
+    EherkenningConfiguration: "https://*.eherkenning.nl",
 }

src/openforms/contrib/digid_eherkenning/tests/test_csp_update.py

@@ -180,7 +180,8 @@ def test_csp_updates_for_eherkenning(self, get_metadata):
         self.assertEqual(
             csp_added.value,
             "https://test-iwelcome.nl/broker/sso/1.13 "
-            "https://ehm01.iwelcome.nl/broker/slo/1.13",
+            "https://ehm01.iwelcome.nl/broker/slo/1.13 "
+            "https://*.eherkenning.nl",
         )
 
         # assert new csp entry is added and old one is deleted after url update
@@ -195,7 +196,8 @@ def test_csp_updates_for_eherkenning(self, get_metadata):
         self.assertEqual(
             csp_updated.value,
             "https://test-iwelcome.nl/broker/sso/1.13 "
-            "https://ehm01.iwelcome.nl/broker/slo/1.13",
+            "https://ehm01.iwelcome.nl/broker/slo/1.13 "
+            "https://*.eherkenning.nl",
         )
 
     @patch(
@@ -232,6 +234,7 @@ def test_response_headers_contain_form_action_values_in_eherkenning(
             "form-action "
             "'self' "
             "https://test-iwelcome.nl/broker/sso/1.13 "
-            "https://ehm01.iwelcome.nl/broker/slo/1.13;",
+            "https://ehm01.iwelcome.nl/broker/slo/1.13 "
+            "https://*.eherkenning.nl;",
             response.headers["Content-Security-Policy"],
         )