
Commit b126540

committed
fix(k8s): CSP disallowed inline styles and CSS from Google
Jira: IAM-1775
1 parent b37c104 commit b126540

2 files changed

Lines changed: 2 additions & 1 deletion


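--- a/k8s/templates/public-splitter.yaml
+++ b/k8s/templates/public-splitter.yaml
@@ -24,6 +24,7 @@ data:
 proxy_read_timeout 90;
 proxy_buffers 32 4k;
 resolver kube-dns.kube-system.svc.cluster.local valid=5s;
+add_header Content-Security-Policy "default-src 'self'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:" always;
 
 map $http_cookie $login {
 default {{ if .Values.public }}"no"{{ else }}"yes"{{ end }};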
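Review bot: The `add_header Content-Security-Policy` added on new line 27 sits outside any `server` block, so it reaches a response only when the `server` or `location` that handles the request declares no `add_header` of its own. nginx inherits `add_header` from the outer level only if the current level has none. The server and location blocks of this template are outside the hunk, so it is worth confirming that none of them sets another header; the same applies to new line 26 of k8s/templates/router.yaml, where the directive moved out of the `server` block. A comment next to the directive would record the constraint, for example `# inherited only by blocks with no add_header of their own; repeat it wherever one is added`.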

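--- a/k8s/templates/router.yaml
+++ b/k8s/templates/router.yaml
@@ -23,11 +23,11 @@ data:
 proxy_send_timeout 90;
 proxy_read_timeout 90;
 proxy_buffers 32 4k;
+add_header Content-Security-Policy "default-src 'self'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:" always;
 
 server {
 
 listen 80;
-add_header Content-Security-Policy "default-src 'self'; frame-ancestors 'none'; font-src 'self' fonts.googleapis.com fonts.gstatic.com; img-src 'self' data:" always;
 
 {{- if not .Values.public }}
 location /~ {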
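Review bot: `style-src 'self' 'unsafe-inline'` on new line 26 permits every inline `<style>` element and `style` attribute, so the policy no longer limits style injection on any page this router serves. If the inline styles come from a known set of `<style>` blocks, listing their hashes or issuing a per-response nonce would keep that restriction. Otherwise a short comment naming the component that needs inline styles would let the exception be removed later. Separately, `default-src` does not cover `base-uri` or `form-action`, so adding `base-uri 'self'; form-action 'self'` is worth considering if the served pages allow it. The policy string is also repeated verbatim in k8s/templates/public-splitter.yaml; defining it once as a Helm value or named template would keep the two copies from drifting apart.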
