TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-02-28 23:57:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(console): add style / font src hosts to connect src (#259)

Browse Source
This commit is contained in:
Livio Amstutz 2020-06-23 08:43:41 +02:00 committed by GitHub
parent 1de574df42
commit 45bd910db6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/console/console.go
View File

@ -65,7 +65,10 @@ func csp(zitadelDomain string) *middleware.CSP {
csp.StyleSrc = csp.StyleSrc.AddInline().AddHost("fonts.googleapis.com").AddHost("maxst.icons8.com") //TODO: host it
csp.FontSrc = csp.FontSrc.AddHost("fonts.gstatic.com").AddHost("maxst.icons8.com") //TODO: host it
csp.ScriptSrc = csp.ScriptSrc.AddEval()
csp.ConnectSrc = csp.ConnectSrc.AddHost(zitadelDomain)
csp.ConnectSrc = csp.ConnectSrc.AddHost(zitadelDomain).
AddHost("fonts.googleapis.com").
AddHost("fonts.gstatic.com").
AddHost("maxst.icons8.com") //TODO: host it
return &csp
}