From 2fb07c8164aa48330449b7b7ff917155d50210ea Mon Sep 17 00:00:00 2001 From: Julen Landa Alustiza Date: Wed, 21 Aug 2019 16:59:26 +0200 Subject: [PATCH] dist-git: Custom csp policy that allows connecting to apps.fp.o --- roles/distgit/pagure/templates/pagure.cfg | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/distgit/pagure/templates/pagure.cfg b/roles/distgit/pagure/templates/pagure.cfg index f3dd2c466..0aa7c7764 100644 --- a/roles/distgit/pagure/templates/pagure.cfg +++ b/roles/distgit/pagure/templates/pagure.cfg @@ -296,4 +296,13 @@ PROJECT_NAME_REGEX = '^[a-zA-z0-9_][a-zA-Z0-9-_\.+]*$' HTTP_REPO_ACCESS_GITOLITE = None +CSP_HEADERS = ( + "default-src 'self';" + "script-src 'self' '{nonce_script}' https://apps.fedoraproject.org; " + "style-src 'self' '{nonce_style}'; " + "object-src 'none';" + "base-uri 'self';" + "img-src 'self' https:;" +) + {% include "pagure_shared.cfg" %} -- 2.21.0