fix(auth,frontend): secure cookie HTTP fix, technique links y CSP

- auth: desacopla SECURE_COOKIES de AEGIS_ENV para que el login funcione sobre HTTP (SECURE_COOKIES=false en servidor local) - TechniqueCell: button -> Link para href real (right-click, a11y) - TechniquesPage: añade Link en celda MITRE ID en vista lista - nginx CSP: amplía connect-src con ws:/wss: para evitar bloqueos Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-19 09:28:39 +02:00
parent 1249391ef0
commit 2495423790
4 changed files with 24 additions and 14 deletions
--- a/frontend/src/components/TechniqueCell.tsx
+++ b/frontend/src/components/TechniqueCell.tsx
@@ -1,4 +1,4 @@
-import { useNavigate } from "react-router-dom";
+import { Link } from "react-router-dom";
 import { AlertTriangle } from "lucide-react";
 import type { TechniqueStatus } from "../types/models";

@@ -48,18 +48,13 @@ export default function TechniqueCell({
  status,
  reviewRequired = false,
 }: TechniqueCellProps) {
-  const navigate = useNavigate();
  const colors = statusColors[status] || statusColors.not_evaluated;

-  const handleClick = () => {
-    navigate(`/techniques/${mitreId}`);
-  };
-
  return (
-    <button
-      onClick={handleClick}
+    <Link
+      to={`/techniques/${mitreId}`}
      className={`
-        relative w-full rounded-md border p-2 text-left transition-all
+        relative block w-full rounded-md border p-2 text-left transition-all
        hover:scale-[1.02] hover:shadow-lg hover:z-10
        ${colors.bg} ${colors.border}
      `}
@@ -73,6 +68,6 @@ export default function TechniqueCell({
      <p className="mt-0.5 truncate text-xs text-gray-300" title={name}>
        {name}
      </p>
-    </button>
+    </Link>
  );
 }