Skip to content

Commit

Permalink
Add acc.data to the csp header control directive (#111)
Browse files Browse the repository at this point in the history
  • Loading branch information
@timvanoostrom
timvanoostrom authored Jul 18, 2019
1 parent 9120af2 commit 87829f2
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions conf/nginx-server-default.template.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@ server {
# Add strict csp header config
add_header Content-Security-Policy
"default-src 'none';
connect-src 'self' https://data.amsterdam.nl https://api.data.amsterdam.nl https://analytics.data.amsterdam.nl https://api.usabilla.com https://sentry.data.amsterdam.nl;
connect-src 'self' https://data.amsterdam.nl https://api.data.amsterdam.nl https://analytics.data.amsterdam.nl https://api.usabilla.com https://sentry.data.amsterdam.nl https://acc.data.amsterdam.nl;
script-src 'self' https://analytics.data.amsterdam.nl https://*.usabilla.com http://*.usabilla.com 'unsafe-inline' 'unsafe-eval';
img-src 'self' https://analytics.data.amsterdam.nl https://d6tizftlrpuof.cloudfront.net https://*.usabilla.com data:;
frame-src 'self' https://analytics.data.amsterdam.nl https://data.amsterdam.nl;
frame-src 'self' https://analytics.data.amsterdam.nl https://data.amsterdam.nl https://acc.data.amsterdam.nl;
style-src 'self' https://fast.fonts.net https://d6tizftlrpuof.cloudfront.net 'unsafe-inline';
font-src 'self' https://d6tizftlrpuof.cloudfront.net;
manifest-src 'self';
Expand Down

0 comments on commit 87829f2

Please sign in to comment.