CSP.

Enabling taler.net as 'default-src' because of 'glyphicons' loading.
author: Marcello Stanisci <stanisci.m@gmail.com> 2019-02-22 19:06:23 +0100
committer: Marcello Stanisci <stanisci.m@gmail.com> 2019-02-22 19:06:23 +0100
commit: 6aed63598ba221ad7b2e0c80361263e590caf249 (patch)
tree: 2cf67fadd6c94c7ec8b2d093ef5478ae2811d736
parent: 8dad02d7158f3d2b3f8cee17825effd6bf37ddbc (diff)
download: deployment-6aed63598ba221ad7b2e0c80361263e590caf249.tar.gz
deployment-6aed63598ba221ad7b2e0c80361263e590caf249.tar.bz2
deployment-6aed63598ba221ad7b2e0c80361263e590caf249.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/nginx/conf.d/talerssl b/etc/nginx/conf.d/talerssl
index 4a932f8..742c9ab 100644
--- a/etc/nginx/conf.d/talerssl
+++ b/etc/nginx/conf.d/talerssl
@@ -10,5 +10,5 @@ add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; prelo
 add_header X-XSS-Protection "1; mode=block";
 add_header X-Frame-Options "SAMEORIGIN";
 add_header X-Content-Type-Options "nosniff";
-add_header Content-Security-Policy "default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.taler.net/dist/js/; style-src 'self' 'unsafe-inline' https://www.taler.net/dist/css/; connect-src 'self' wss://buildbot.taler.net";
+add_header Content-Security-Policy "default-src 'self' https://www.taler.net/dist/; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' wss://buildbot.taler.net";
 add_header Referrer-Policy "same-origin";
author	Marcello Stanisci <stanisci.m@gmail.com>	2019-02-22 19:06:23 +0100
committer	Marcello Stanisci <stanisci.m@gmail.com>	2019-02-22 19:06:23 +0100
commit	6aed63598ba221ad7b2e0c80361263e590caf249 (patch)
tree	2cf67fadd6c94c7ec8b2d093ef5478ae2811d736
parent	8dad02d7158f3d2b3f8cee17825effd6bf37ddbc (diff)
download	deployment-6aed63598ba221ad7b2e0c80361263e590caf249.tar.gz deployment-6aed63598ba221ad7b2e0c80361263e590caf249.tar.bz2 deployment-6aed63598ba221ad7b2e0c80361263e590caf249.zip