Skip to content

Commit

Permalink
updating nginx config (#1999)
Browse files Browse the repository at this point in the history
  • Loading branch information
@aforde-aot
aforde-aot authored Aug 11, 2023
1 parent 0bcd106 commit d89c0a3
Showing 1 changed file with 11 additions and 3 deletions.
14 changes: 11 additions & 3 deletions met-web/nginx/nginx.prod.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,17 @@ http {
worker-src 'self' blob:;
img-src 'self' data: blob: https://citz-gdx.objectstore.gov.bc.ca;
style-src 'self' 'unsafe-inline';
connect-src 'self' https://spt.apps.gov.bc.ca/com.snowplowanalytics.snowplow/tp2 https://met-analytics-api.apps.gold.devops.gov.bc.ca https://met-oidc.apps.gold.devops.gov.bc.ca https://kit.fontawesome.com https://ka-f.fontawesome.com https://citz-gdx.objectstore.gov.bc.ca https://api.mapbox.com https://governmentofbc.maps.arcgis.com https://tiles.arcgis.com https://www.arcgis.com https://vimeo.com;
frame-src 'self' https://met-oidc.apps.gold.devops.gov.bc.ca https://met-analytics.apps.gold.devops.gov.bc.ca https://www.youtube.com https://player.vimeo.com;
frame-ancestors 'self' https://met-oidc.apps.gold.devops.gov.bc.ca";
connect-src 'self' https://spt.apps.gov.bc.ca/com.snowplowanalytics.snowplow/tp2
https://epic-engage-analytics-api-prod.apps.gold.devops.gov.bc.ca
https://met-analytics-api-prod.apps.gold.devops.gov.bc.ca
https://epic-engage-oidc-prod.apps.gold.devops.gov.bc.ca
https://met-oidc-prod.apps.gold.devops.gov.bc.ca https://kit.fontawesome.com https://ka-f.fontawesome.com
https://citz-gdx.objectstore.gov.bc.ca https://api.mapbox.com https://governmentofbc.maps.arcgis.com
https://tiles.arcgis.com https://www.arcgis.com;
frame-src 'self' https://met-oidc-prod.apps.gold.devops.gov.bc.ca https://epic-engage-analytics-api-prod.apps.gold.devops.gov.bc.ca
https://epic-engage-oidc-prod.apps.gold.devops.gov.bc.ca
https://met-analytics-prod.apps.gold.devops.gov.bc.ca https://www.youtube.com https://player.vimeo.com;
frame-ancestors 'self' https://met-oidc-prod.apps.gold.devops.gov.bc.ca https://epic-engage-oidc-prod.apps.gold.devops.gov.bc.ca";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection 1;
Expand Down

0 comments on commit d89c0a3

Please sign in to comment.