mirror of
https://github.com/Unleash/unleash.git
synced 2024-12-22 19:07:54 +01:00
fix: allow static assets from cdn.getunleash.io
This commit is contained in:
parent
571dcf5d1c
commit
73685c771a
@ -13,21 +13,28 @@ const secureHeaders: (config: IUnleashConfig) => RequestHandler = (config) => {
|
|||||||
},
|
},
|
||||||
contentSecurityPolicy: {
|
contentSecurityPolicy: {
|
||||||
directives: {
|
directives: {
|
||||||
defaultSrc: ["'self'"],
|
defaultSrc: ["'self'", 'cdn.getunleash.io'],
|
||||||
fontSrc: [
|
fontSrc: [
|
||||||
"'self'",
|
"'self'",
|
||||||
|
'cdn.getunleash.io',
|
||||||
'fonts.googleapis.com',
|
'fonts.googleapis.com',
|
||||||
'fonts.gstatic.com',
|
'fonts.gstatic.com',
|
||||||
],
|
],
|
||||||
styleSrc: [
|
styleSrc: [
|
||||||
"'self'",
|
"'self'",
|
||||||
"'unsafe-inline'",
|
"'unsafe-inline'",
|
||||||
|
'cdn.getunleash.io',
|
||||||
'fonts.googleapis.com',
|
'fonts.googleapis.com',
|
||||||
'fonts.gstatic.com',
|
'fonts.gstatic.com',
|
||||||
'data:',
|
'data:',
|
||||||
],
|
],
|
||||||
scriptSrc: ["'self'"],
|
scriptSrc: ["'self'", 'cdn.getunleash.io'],
|
||||||
imgSrc: ["'self'", 'data:', 'gravatar.com'],
|
imgSrc: [
|
||||||
|
"'self'",
|
||||||
|
'data:',
|
||||||
|
'cdn.getunleash.io',
|
||||||
|
'gravatar.com',
|
||||||
|
],
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
Loading…
Reference in New Issue
Block a user