Skip to content

Commit

Permalink
Add csp exception for youtube (#1844)
Browse files Browse the repository at this point in the history 
* Add csp exception for youtube

* add youtube csp exception
  • Loading branch information
@jadmsaadaot
jadmsaadaot authored Jul 14, 2023
1 parent 10044b8 commit 2f4fd41
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion met-web/nginx/nginx.dev.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ http {
# add in most common security headers
add_header Content-Security-Policy "
default-src 'self' https://kit.fontawesome.com https://ka-f.fontawesome.com data: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
script-src 'self' 'sha256-JXGej4mPACbE/fP5kuunldJEyMk62sNjNe85DtAcMoU=' https://kit.fontawesome.com https://ka-f.fontawesome.com https://www2.gov.bc.ca https://cdn.form.io https://api.mapbox.com 'unsafe-eval';
script-src 'self' 'sha256-JXGej4mPACbE/fP5kuunldJEyMk62sNjNe85DtAcMoU=' https://kit.fontawesome.com https://ka-f.fontawesome.com https://www2.gov.bc.ca https://cdn.form.io https://api.mapbox.com https://www.youtube.com 'unsafe-eval';
worker-src 'self' blob:;
img-src 'self' data: blob: https://citz-gdx.objectstore.gov.bc.ca;
style-src 'self' 'unsafe-inline';
Expand Down
2 changes: 1 addition & 1 deletion met-web/nginx/nginx.prod.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ http {
# add in most common security headers
add_header Content-Security-Policy "
default-src 'self' https://kit.fontawesome.com https://ka-f.fontawesome.com data: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
script-src 'self' 'sha256-JXGej4mPACbE/fP5kuunldJEyMk62sNjNe85DtAcMoU=' https://kit.fontawesome.com https://ka-f.fontawesome.com https://www2.gov.bc.ca https://cdn.form.io https://api.mapbox.com 'unsafe-eval';
script-src 'self' 'sha256-JXGej4mPACbE/fP5kuunldJEyMk62sNjNe85DtAcMoU=' https://kit.fontawesome.com https://ka-f.fontawesome.com https://www2.gov.bc.ca https://cdn.form.io https://api.mapbox.com https://www.youtube.com 'unsafe-eval';
worker-src 'self' blob:;
img-src 'self' data: blob: https://citz-gdx.objectstore.gov.bc.ca;
style-src 'self' 'unsafe-inline';
Expand Down
2 changes: 1 addition & 1 deletion met-web/nginx/nginx.test.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ http {
# add in most common security headers
add_header Content-Security-Policy "
default-src 'self' https://kit.fontawesome.com https://ka-f.fontawesome.com data: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
script-src 'self' 'sha256-JXGej4mPACbE/fP5kuunldJEyMk62sNjNe85DtAcMoU=' https://kit.fontawesome.com https://ka-f.fontawesome.com https://www2.gov.bc.ca https://cdn.form.io https://api.mapbox.com 'unsafe-eval';
script-src 'self' 'sha256-JXGej4mPACbE/fP5kuunldJEyMk62sNjNe85DtAcMoU=' https://kit.fontawesome.com https://ka-f.fontawesome.com https://www2.gov.bc.ca https://cdn.form.io https://api.mapbox.com https://www.youtube.com 'unsafe-eval';
worker-src 'self' blob:;
img-src 'self' data: blob: https://citz-gdx.objectstore.gov.bc.ca;
style-src 'self' 'unsafe-inline';
Expand Down

0 comments on commit 2f4fd41

Please sign in to comment.