Add variables to defined allowed CSP targets

2019-12-12 12:01:00 +01:00
parent 994166b1fd
commit 207dadd5cc
2 changed files with 5 additions and 1 deletions


@ -5,6 +5,8 @@
# ~/CN=(?<CN>[^/]+) $CN;
#}
%set %%webDomain = %%authWebName.split('.',1)[1]
%set %%CSPTargets = %%custom_join(['http://*.{0} https://*.{0}'.format(d) for d in set([%%webDomain] + %%getVar('llCSPTargets'))], ' ')
server {
listen 80;
@ -42,7 +44,7 @@ server {
fastcgi_split_path_info ^(.*\.psgi)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_hide_header Content-Security-Policy;
add_header Content-Security-Policy "default-src 'self'; form-action 'self' http://*.%%webDomain https://*.%%webDomain; object-src 'none'";
add_header Content-Security-Policy "default-src 'self'; form-action 'self' %%CSPTargets; object-src 'none'";
}
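Review bot: The new `%set %%CSPTargets` line builds the `form-action` source list straight from `llCSPTargets` with no check on the entries, so each value lands inside the quoted `add_header` string as `http://*.<value> https://*.<value>`. An entry containing whitespace, `;` or `"` would alter the policy or break the generated nginx configuration, and a very short entry (a bare TLD, for instance) would allow the login form to post to any host under it. I would restrict the variable to bare domain names where it is declared (that file is not visible here) and document the contract above the `%set`, e.g. `# llCSPTargets: bare domain names only; each is emitted as http://*.<name> https://*.<name> in form-action`. The `http://*.{0}` source also keeps cleartext form submission allowed for every listed domain; if the portal is served over HTTPS only, emitting just `https://*.{0}` would be tighter. The `server` block continues outside the visible hunks, so other `add_header` lines that may interact with this one are not reviewed.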