Skip to content

Commit

Permalink
chore: remove unsafe-inline for font-src csp directive
Browse files Browse the repository at this point in the history
  • Loading branch information
MSzalowski committed Jun 17, 2024
1 parent ff3345b commit 8690cd1
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion scripts/govtool/config/templates/docker-compose.yml.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -273,7 +273,7 @@ services:
logging: *logging
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com https://www.googletagmanager.com 'self' data:; script-src *.usersnap.com 'self' 'unsafe-inline' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' o4506155985141760.ingest.sentry.io *.google-analytics.com *.api.pdf.gov.tools; font-src *.usersnap.com *.gstatic.com 'self' 'unsafe-inline' https://fonts.gstatic.com; worker-src blob:"
- "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com https://www.googletagmanager.com 'self' data:; script-src *.usersnap.com 'self' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' o4506155985141760.ingest.sentry.io *.google-analytics.com *.api.pdf.gov.tools; font-src *.usersnap.com *.gstatic.com 'self' https://fonts.gstatic.com data:; worker-src blob:"
- "traefik.http.routers.to-frontend.rule=Host(`<DOMAIN>`)"
- "traefik.http.routers.to-frontend.entrypoints=websecure"
- "traefik.http.routers.to-frontend.tls.certresolver=myresolver"
Expand Down

0 comments on commit 8690cd1

Please sign in to comment.