JakeHillion/storj
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

satellite/console: update CSP

Browse Source 
Include *.storjsatelliteshare.io in the `connect-src` portion of the CSP
for the satellite UI.

Change-Id: Ic8c3d0cf892a3275866634cae3e9260d925e1c3e
This commit is contained in:
Moby von Briesen 2023-09-27 11:08:23 -04:00 committed by Storj Robot
parent 58b98bc335
commit c14e4b1eb4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
satellite/console/consoleweb/server.go
View File

@ -563,7 +563,7 @@ func (server *Server) setAppHeaders(w http.ResponseWriter, r *http.Request) {
cspValues := []string{
"default-src 'self'",
"script-src 'sha256-wAqYV6m2PHGd1WDyFBnZmSoyfCK0jxFAns0vGbdiWUA=' 'self' *.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://hcaptcha.com *.hcaptcha.com",
"connect-src 'self' *.tardigradeshare.io *.storjshare.io *.storjapi.io https://hcaptcha.com *.hcaptcha.com " + server.config.GatewayCredentialsRequestURL,
"connect-src 'self' *.tardigradeshare.io *.storjshare.io *.storjapi.io *.storjsatelliteshare.io https://hcaptcha.com *.hcaptcha.com " + server.config.GatewayCredentialsRequestURL,
"frame-ancestors " + server.config.FrameAncestors,
"frame-src 'self' *.stripe.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://hcaptcha.com *.hcaptcha.com",
"img-src 'self' data: blob: *.tardigradeshare.io *.storjshare.io *.storjsatelliteshare.io",