From 23add0cc8f816c8c669705916ef746790d73c4fe Mon Sep 17 00:00:00 2001 From: Timo Bejan Date: Wed, 4 May 2022 11:19:58 +0300 Subject: [PATCH] RED-3800 csp fix --- docker/common/nginx/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/common/nginx/nginx.conf b/docker/common/nginx/nginx.conf index 26e32461a..243242264 100644 --- a/docker/common/nginx/nginx.conf +++ b/docker/common/nginx/nginx.conf @@ -6,7 +6,7 @@ server { root /usr/share/nginx/html; # SSL stuff for cloudflare proxy-ing - ignores SSL certificate and uses SNI - add_header Content-Security-Policy "default-src 'self'; script-src 'inline'; script-src 'self' data: 'unsafe-eval'; script-src-elem 'self' data: blob: 'unsafe-inline'; script-src-attr 'self' data:; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:"; + add_header Content-Security-Policy "default-src 'self'; script-src 'self' data: 'unsafe-eval' 'unsafe-inline'; script-src-elem 'self' data: blob: 'unsafe-inline'; script-src-attr 'self' data:; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:"; proxy_ssl_verify off; proxy_read_timeout 1m;