eriol/ansible-collection-kit
1
0
Fork 0
Code Releases Activity

Make possible to specify Content-Security-Policy header
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse source
This commit is contained in:
Daniele Tricoli 2022-08-26 17:30:40 +02:00
parent a4f16f77c2
commit 967fb6eaf6
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
roles/nginx/templates/etc/nginx/sites-available/site-vhost.j2
View file

@ -25,7 +25,7 @@ server {
listen 443 ssl;
listen [::]:443 ssl;
add_header Content-Security-Policy "default-src https://{{ item.servername }}; img-src *; style-src https://{{ item.servername }} 'unsafe-inline'" always;
add_header Content-Security-Policy {% if item.header_csp is defined %}{{ item.header_csp | trim }}{% else -%}"default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'"{% endif %} always;
add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), notifications=(), payment=(), usb=()" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;