M roles/srht/files/nginx/builds.conf => roles/srht/files/nginx/builds.conf +1 -1
@@ 14,7 14,7 @@ server {
location / {
proxy_pass http://127.0.0.1:5002;
- add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'" always;
+ add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; frame-ancestors 'none'" always;
include /etc/nginx/snippets/srht_web.conf;
}
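Review bot: `frame-ancestors` is only honoured by browsers that implement CSP Level 2, so the new `add_header Content-Security-Policy` line gives older clients no framing protection. Pairing it with `add_header X-Frame-Options "DENY" always;` would cover them. All eight vhosts include `/etc/nginx/snippets/srht_web.conf`, so that snippet looks like the natural place, assuming it does not already set the header (its contents are not shown here). The policy is also set only inside `location /`, so responses served by any other `location` in these server blocks, which start outside the hunks, would not carry it. The same applies to the git, hub, lists, man, meta, paste and todo hunks.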
M roles/srht/files/nginx/git.conf => roles/srht/files/nginx/git.conf +1 -1
@@ 13,7 13,7 @@ server {
location / {
proxy_pass http://127.0.0.1:5001;
- add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self' 'unsafe-inline'" always;
+ add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self' 'unsafe-inline'; frame-ancestors 'none'" always;
include /etc/nginx/snippets/srht_web.conf;
}
M roles/srht/files/nginx/hub.conf => roles/srht/files/nginx/hub.conf +1 -1
@@ 11,7 11,7 @@ server {
location / {
proxy_pass http://127.0.0.1:5014;
- add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self'" always;
+ add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self'; frame-ancestors 'none'" always;
include /etc/nginx/snippets/srht_web.conf;
}
M roles/srht/files/nginx/lists.conf => roles/srht/files/nginx/lists.conf +1 -1
@@ 13,7 13,7 @@ server {
location / {
proxy_pass http://127.0.0.1:5006;
- add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'";
+ add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; frame-ancestors 'none'" always;
include /etc/nginx/snippets/srht_web.conf;
}
M roles/srht/files/nginx/man.conf => roles/srht/files/nginx/man.conf +1 -1
@@ 13,7 13,7 @@ server {
location / {
proxy_pass http://127.0.0.1:5004;
- add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self'" always;
+ add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self'; frame-ancestors 'none'" always;
include /etc/nginx/snippets/srht_web.conf;
}
M roles/srht/files/nginx/meta.conf => roles/srht/files/nginx/meta.conf +1 -1
@@ 11,7 11,7 @@ server {
location / {
proxy_pass http://127.0.0.1:5000;
- add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline' *.stripe.com *.stripe.network; frame-src *.stripe.com *.stripe.network" always;
+ add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline' *.stripe.com *.stripe.network; frame-src *.stripe.com *.stripe.network always; frame-ancestors 'none'" always;
include /etc/nginx/snippets/srht_web.conf;
}
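Review bot: The new policy string contains a stray `always` inside the quotes, right after `*.stripe.network` in the `frame-src` directive. In that position it is not the nginx `add_header` flag but a CSP source expression, which browsers will most likely parse as a host named `always` and add to the allowed frame sources. The line should end `frame-src *.stripe.com *.stripe.network; frame-ancestors 'none'" always;`. Checking the emitted header with a CSP validator before deploy would catch this kind of slip.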
M roles/srht/files/nginx/paste.conf => roles/srht/files/nginx/paste.conf +1 -1
@@ 13,7 13,7 @@ server {
location / {
proxy_pass http://127.0.0.1:5011;
- add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self' 'unsafe-inline'" always;
+ add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self' 'unsafe-inline'; frame-ancestors 'none'" always;
include /etc/nginx/snippets/srht_web.conf;
}
M roles/srht/files/nginx/todo.conf => roles/srht/files/nginx/todo.conf +1 -1
@@ 13,7 13,7 @@ server {
location / {
proxy_pass http://127.0.0.1:5003;
- add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self' 'unsafe-inline'" always;
+ add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src * data:; script-src 'self' 'unsafe-inline'; frame-ancestors 'none'" always;
include /etc/nginx/snippets/srht_web.conf;
}