.

dfinity · Feb 14, 2025 · d6a1087 · d6a1087
1 parent 32905a5
commit d6a1087
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 13 deletions.
diff --git a/e2e/tests-dfx/assetscanister.bash b/e2e/tests-dfx/assetscanister.bash
@@ -1382,8 +1382,7 @@ EOF
   echo '[]' > src/e2e_project_frontend/assets/.ic-assets.json5
 
   assert_command dfx deploy
-  assert_contains "This project does not define a security policy for some assets."
-  assert_contains "Assets without any security policy: all"
+  assert_contains "This project does not define a security policy for any assets."
   assert_command curl --fail --head "http://localhost:$PORT/thing.json?canisterId=$ID"
   assert_not_match "content-security-policy"
   assert_not_match "permissions-policy"
@@ -1414,7 +1413,7 @@ EOF
   ]' > src/e2e_project_frontend/assets/.ic-assets.json5
 
   assert_command dfx deploy
-  assert_not_contains "This project does not define a security policy for some assets."
+  assert_not_contains "This project does not define a security policy for any assets."
   assert_command curl --fail --head "http://localhost:$PORT/thing.json?canisterId=$ID"
   assert_not_match "content-security-policy"
   assert_not_match "permissions-policy"
@@ -1428,8 +1427,8 @@ EOF
   ]' > src/e2e_project_frontend/assets/.ic-assets.json5
 
   assert_command dfx deploy
-  assert_not_contains "This project does not define a security policy for some assets."
-  assert_not_contains "This project uses the default security policy for some assets."
+  assert_not_contains "This project does not define a security policy for any assets."
+  assert_not_contains "This project uses the default security policy for all assets."
   assert_command curl --fail --head "http://localhost:$PORT/thing.json?canisterId=$ID"
   assert_not_match "content-security-policy"
   assert_not_match "permissions-policy"
@@ -1443,7 +1442,7 @@ EOF
   ]' > src/e2e_project_frontend/assets/.ic-assets.json5
 
   assert_command dfx deploy
-  assert_contains "This project uses the default security policy for some assets."
+  assert_contains "This project uses the default security policy for all assets."
   assert_not_contains "Unhardened assets:"
   assert_command curl --fail --head "http://localhost:$PORT/thing.json?canisterId=$ID"
   assert_match "content-security-policy"
@@ -1480,7 +1479,7 @@ EOF
   ]' > src/e2e_project_frontend/assets/.ic-assets.json5
 
   assert_command dfx deploy
-  assert_not_contains "This project uses the default security policy for some assets."
+  assert_not_contains "This project uses the default security policy for all assets."
   assert_command curl --fail --head "http://localhost:$PORT/thing.json?canisterId=$ID"
   assert_match "content-security-policy"
   assert_match "permissions-policy"
@@ -1508,8 +1507,8 @@ EOF
   ]' > src/e2e_project_frontend/assets/.ic-assets.json5
 
   assert_command dfx deploy
-  assert_not_contains "This project does not define a security policy for some assets."
-  assert_not_contains "This project uses the default security policy for some assets."
+  assert_not_contains "This project does not define a security policy for any assets."
+  assert_not_contains "This project uses the default security policy for all assets."
   assert_command curl --fail --head "http://localhost:$PORT/thing.json?canisterId=$ID"
   assert_match "content-security-policy: overwritten"
   assert_match "permissions-policy"

diff --git a/src/canisters/frontend/ic-asset/src/sync.rs b/src/canisters/frontend/ic-asset/src/sync.rs
@@ -384,9 +384,14 @@ pub(crate) fn gather_asset_descriptors(
             .filter(|asset| asset.config.warn_about_no_security_policy())
             .collect_vec();
         if !no_policy_assets.is_empty() {
+            let qnt = if no_policy_assets.len() == asset_descriptors.len() {
+                "any"
+            } else {
+                "some"
+            };
             warn!(
                 logger,
-                "This project does not define a security policy for some assets."
+                "This project does not define a security policy for {qnt} assets."
             );
             warn!(
                 logger,
@@ -399,9 +404,7 @@ pub(crate) fn gather_asset_descriptors(
             warn!(logger, "  }}");
             warn!(logger, "]");
 
-            if no_policy_assets.len() == asset_descriptors.len() {
-                warn!(logger, "Assets without any security policy: all");
-            } else {
+            if no_policy_assets.len() != asset_descriptors.len() {
                 warn!(logger, "Assets without any security policy:");
                 for asset in &no_policy_assets {
                     warn!(logger, "  - {}", asset.key);