Broaden CSP img-src to allow all Atlassian avatar domains
All checks were successful
Build & Push Container Image / build (push) Successful in 5s
All checks were successful
Build & Push Container Image / build (push) Successful in 5s
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jan Willem Mannaerts
parent
b25631ec40
commit
31dfbe3cca
1 changed files with 1 additions and 1 deletions
|
|
@ -59,7 +59,7 @@ app.use((_req, res, next) => {
|
||||||
"script-src 'self'",
|
"script-src 'self'",
|
||||||
"style-src 'self' 'unsafe-inline'",
|
"style-src 'self' 'unsafe-inline'",
|
||||||
`connect-src 'self' wss://${isProd ? new URL(frontendUrl).host : '*'}`,
|
`connect-src 'self' wss://${isProd ? new URL(frontendUrl).host : '*'}`,
|
||||||
"img-src 'self' https://avatar-management--avatars.us-west-2.prod.public.atl-paas.net https://secure.gravatar.com data:",
|
"img-src 'self' https://*.atl-paas.net https://*.atlassian.com https://secure.gravatar.com data:",
|
||||||
"font-src 'self'",
|
"font-src 'self'",
|
||||||
"object-src 'none'",
|
"object-src 'none'",
|
||||||
"base-uri 'self'",
|
"base-uri 'self'",
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue