Commit 93c6c04

fix(k8s): only set headers in public-splitter
This will cover all endpoints, including static files. Jira: IAM-1775
1 parent b126540 commit 93c6c04

2 files changed

Lines changed: 1 addition & 2 deletions

k8s/templates/public-splitter.yaml

Lines changed: 1 addition & 1 deletion
@@ -24,7 +24,7 @@ data:
2424
proxy_read_timeout 90;
2525
proxy_buffers 32 4k;
2626
resolver kube-dns.kube-system.svc.cluster.local valid=5s;
27-
add_header Content-Security-Policy "default-src 'self'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:" always;
27+
add_header Content-Security-Policy "default-src 'self'; frame-ancestors 'none'; script-src-elem 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:" always;
2828
2929
map $http_cookie $login {
3030
default {{ if .Values.public }}"no"{{ else }}"yes"{{ end }};
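
Review bot: The added `script-src-elem 'self' 'unsafe-inline'` on new line 27 allows every inline `<script>` element, which gives up most of the script-injection protection that `default-src 'self'` was providing. If one specific inline script has to run, allow it by nonce or hash instead of `'unsafe-inline'`, and state the reason in the commit message, which currently only describes where the header is set. Browsers that do not implement `script-src-elem` will fall back to `default-src 'self'` because the policy has no `script-src`, so the inline script stays blocked for them and behaviour will differ between clients.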

k8s/templates/router.yaml

Lines changed: 0 additions & 1 deletion
@@ -23,7 +23,6 @@ data:
2323
proxy_send_timeout 90;
2424
proxy_read_timeout 90;
2525
proxy_buffers 32 4k;
26-
add_header Content-Security-Policy "default-src 'self'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:" always;
2726
2827
server {
2928
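
Review bot: Removing the `add_header Content-Security-Policy ...` line (old line 26) leaves the router with no CSP of its own, so any response that reaches a client without passing through public-splitter now goes out without the header. Please confirm the router is only reachable through public-splitter and say so in the commit message. Since the remaining header sits above the `map` and `server` blocks, also check that no `server` or `location` block in public-splitter defines its own `add_header`: nginx inherits `add_header` from the outer level only when the inner level has none, and the "including static files" claim depends on that.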
