diff options
| author | Quentin Dufour <quentin@deuxfleurs.fr> | 2023-07-23 14:36:04 +0200 |
|---|---|---|
| committer | Quentin Dufour <quentin@deuxfleurs.fr> | 2023-07-23 14:36:04 +0200 |
| commit | aaa80ae678b256525d1c32bf4d978905bb5076f1 (patch) | |
| tree | f8ce9c88c14198ed403b49bff5b095fcf2f7de2e | |
| parent | 233556e9ef8982f6818e250fe7471308986f16f2 (diff) | |
| download | nixcfg-aaa80ae678b256525d1c32bf4d978905bb5076f1.tar.gz nixcfg-aaa80ae678b256525d1c32bf4d978905bb5076f1.zip | |
final csp
| -rw-r--r-- | cluster/prod/app/garage/deploy/garage.hcl | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/cluster/prod/app/garage/deploy/garage.hcl b/cluster/prod/app/garage/deploy/garage.hcl index 34eb0cc..26f76de 100644 --- a/cluster/prod/app/garage/deploy/garage.hcl +++ b/cluster/prod/app/garage/deploy/garage.hcl @@ -98,8 +98,7 @@ job "garage" { tags = [ "garage-web", "tricot * 1", - #"tricot-add-header Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://code.jquery.com/; frame-ancestors 'self'", - "tricot-add-header Content-Security-Policy default-src https: 'unsafe-inline'", + "tricot-add-header Content-Security-Policy default-src https: 'unsafe-inline'; object-src 'none'", "tricot-add-header Strict-Transport-Security max-age=63072000; includeSubDomains; preload", "tricot-add-header X-Frame-Options SAMEORIGIN", "tricot-add-header X-XSS-Protection 1; mode=block", |