mirror of
https://github.com/Unleash/unleash.git
synced 2024-12-22 19:07:54 +01:00
fix: allow static assets from cdn.getunleash.io
This commit is contained in:
parent
571dcf5d1c
commit
73685c771a
@ -13,21 +13,28 @@ const secureHeaders: (config: IUnleashConfig) => RequestHandler = (config) => {
|
||||
},
|
||||
contentSecurityPolicy: {
|
||||
directives: {
|
||||
defaultSrc: ["'self'"],
|
||||
defaultSrc: ["'self'", 'cdn.getunleash.io'],
|
||||
fontSrc: [
|
||||
"'self'",
|
||||
'cdn.getunleash.io',
|
||||
'fonts.googleapis.com',
|
||||
'fonts.gstatic.com',
|
||||
],
|
||||
styleSrc: [
|
||||
"'self'",
|
||||
"'unsafe-inline'",
|
||||
'cdn.getunleash.io',
|
||||
'fonts.googleapis.com',
|
||||
'fonts.gstatic.com',
|
||||
'data:',
|
||||
],
|
||||
scriptSrc: ["'self'"],
|
||||
imgSrc: ["'self'", 'data:', 'gravatar.com'],
|
||||
scriptSrc: ["'self'", 'cdn.getunleash.io'],
|
||||
imgSrc: [
|
||||
"'self'",
|
||||
'data:',
|
||||
'cdn.getunleash.io',
|
||||
'gravatar.com',
|
||||
],
|
||||
},
|
||||
},
|
||||
});
|
||||
|
Loading…
Reference in New Issue
Block a user