File tree Expand file tree Collapse file tree 1 file changed +1
-1
lines changed
Expand file tree Collapse file tree 1 file changed +1
-1
lines changed Original file line number Diff line number Diff line change @@ -30,7 +30,7 @@ SSLCertificateKeyFile /var/www/miq/vmdb/certs/server.cer.key
3030 Header always set Strict-Transport-Security "max-age=631138519"
3131 # CSP for static assets: strict policy since these are pre-compiled external files
3232 # No unsafe-inline needed - all scripts/styles are external resources
33- Header set Content-Security-Policy "default-src 'self'; base-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self'; frame-src 'self'; worker-src 'self'; font-src 'self' fonts.gstatic.com fonts.googleapis.com; img-src 'self' data:; style-src 'self' fonts.googleapis.com fonts.gstatic.com; report-uri /dashboard/csp_report; report-to csp-endpoint"
33+ Header always setifempty Content-Security-Policy "default-src 'self'; base-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self'; frame-src 'self'; worker-src 'self'; font-src 'self' fonts.gstatic.com fonts.googleapis.com; img-src 'self' data:; style-src 'self' fonts.googleapis.com fonts.gstatic.com; report-uri /dashboard/csp_report; report-to csp-endpoint"
3434 Header set Report-To "{\"group\":\"csp-endpoint\",\"max_age\":10886400,\"endpoints\":[{\"url\":\"/dashboard/csp_report\"}]}"
3535 Header set X-Content-Type-Options "nosniff"
3636 Header set X-Frame-Options "SAMEORIGIN"
You can’t perform that action at this time.
0 commit comments