satellite/console: Update CSP to include storjsatelliteshare.io
Change-Id: I8238f6e2644a0f4ee727d0b8da56e59733dd3252
This commit is contained in:
parent
c8f31f1649
commit
771ec3237a
@ -424,10 +424,10 @@ func (server *Server) appHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
"connect-src 'self' *.tardigradeshare.io *.storjshare.io https://hcaptcha.com *.hcaptcha.com " + server.config.GatewayCredentialsRequestURL,
|
"connect-src 'self' *.tardigradeshare.io *.storjshare.io https://hcaptcha.com *.hcaptcha.com " + server.config.GatewayCredentialsRequestURL,
|
||||||
"frame-ancestors " + server.config.FrameAncestors,
|
"frame-ancestors " + server.config.FrameAncestors,
|
||||||
"frame-src 'self' *.stripe.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://hcaptcha.com *.hcaptcha.com",
|
"frame-src 'self' *.stripe.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://hcaptcha.com *.hcaptcha.com",
|
||||||
"img-src 'self' data: blob: *.tardigradeshare.io *.storjshare.io",
|
"img-src 'self' data: blob: *.tardigradeshare.io *.storjshare.io *.storjsatelliteshare.io",
|
||||||
// Those are hashes of charts custom tooltip inline styles. They have to be updated if styles are updated.
|
// Those are hashes of charts custom tooltip inline styles. They have to be updated if styles are updated.
|
||||||
"style-src 'unsafe-hashes' 'sha256-7mY2NKmZ4PuyjGUa4FYC5u36SxXdoUM/zxrlr3BEToo=' 'sha256-PRTMwLUW5ce9tdiUrVCGKqj6wPeuOwGogb1pmyuXhgI=' 'sha256-kwpt3lQZ21rs4cld7/uEm9qI5yAbjYzx+9FGm/XmwNU=' 'sha256-Qf4xqtNKtDLwxce6HLtD5Y6BWpOeR7TnDpNSo+Bhb3s=' 'self' https://hcaptcha.com *.hcaptcha.com",
|
"style-src 'unsafe-hashes' 'sha256-7mY2NKmZ4PuyjGUa4FYC5u36SxXdoUM/zxrlr3BEToo=' 'sha256-PRTMwLUW5ce9tdiUrVCGKqj6wPeuOwGogb1pmyuXhgI=' 'sha256-kwpt3lQZ21rs4cld7/uEm9qI5yAbjYzx+9FGm/XmwNU=' 'sha256-Qf4xqtNKtDLwxce6HLtD5Y6BWpOeR7TnDpNSo+Bhb3s=' 'self' https://hcaptcha.com *.hcaptcha.com",
|
||||||
"media-src 'self' blob: *.tardigradeshare.io *.storjshare.io",
|
"media-src 'self' blob: *.tardigradeshare.io *.storjshare.io *.storjsatelliteshare.io",
|
||||||
}
|
}
|
||||||
|
|
||||||
header.Set("Content-Security-Policy", strings.Join(cspValues, "; "))
|
header.Set("Content-Security-Policy", strings.Join(cspValues, "; "))
|
||||||
|
Loading…
Reference in New Issue
Block a user