GitHub-Bitwarden
/
server
mirror of https://github.com/bitwarden/server.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

add websockets to CSP

pull/342/merge
Kyle Spearrin 7 years ago
parent
fb1cae9fb1
commit
fb92f67053
1 changed files with 2 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      util/Setup/NginxConfigBuilder.cs

4
util/Setup/NginxConfigBuilder.cs
Unescape View File

@ -14,7 +14,7 @@ namespace Bit.Setup @@ -14,7 +14,7 @@ namespace Bit.Setup
"default-src 'self'; style-src 'self' 'unsafe-inline'; " +
"img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; " +
"child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; " +
"connect-src 'self' https://haveibeenpwned.com https://api.pwnedpasswords.com;";
"connect-src 'self' wss://{0} https://haveibeenpwned.com https://api.pwnedpasswords.com;";
public NginxConfigBuilder(string domain, string url, bool ssl, bool selfSignedSsl, bool letsEncrypt,
bool trusted, bool diffieHellman)
@ -147,7 +147,7 @@ server {{ @@ -147,7 +147,7 @@ server {{
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection ""1; mode=block"";
add_header Referrer-Policy same-origin;
add_header Content-Security-Policy ""{ContentSecurityPolicy}"";
add_header Content-Security-Policy ""{string.Format(ContentSecurityPolicy, Domain)}"";
}}
location = /app-id.json {{

Write Preview
Loading…
Cancel
Save