828ff-screen-shot-of-a-simple-stats-screen-with-a-graph

Jhoose Security V2.3.1 released

The latest version of the Jhoose security module is now available and can be installed through the Optimizely nuget feed.

With this release, I focused on two areas:

Updating the frontend framework and improving the UX

The frontend was developed in Javascript using ReachJS. It also used a deprecated Optimizely UI framework.

I decided to transition from Javascript to Typescript. This change, while seemingly simple, had a significant impact on code quality, squashing several bugs due to the language's type-checking nature.

I also replaced the legacy Optimizely UI framework with a more modern and supported UI framework.

I have also improved the UX by adding iconography to indicate read-only and disabled options.

New Reporting Dashboard

The reporting dashboard provides real-time metrics which display any ongoing errors caused by the Content Security Policy; you can then modify the policy as necessary.

Jhoose Security Dashboard - showing a summary of all the issues

The main screen displays the pages and directives with the main issues. By default, only issues from the last 30 minutes are shown, but the timeframe can be increased up to 7 days.

Jhoose CSP Issue Search — This screen allows the user to search for any recorded Content Security Policy issues

The search screen allows you to search for specific issues or look at issues older than 7 days.

Configuration Options

By default, all issues are stored in a custom database table; however, it is possible to alter the configuration to store them in an Elasticsearch index. Full details are available within the documentation.