TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 20:37:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(console): add style / font src hosts to connect src (#259)

Browse Source
This commit is contained in:
Livio Amstutz
2020-06-23 08:43:41 +02:00
committed by GitHub
parent 1de574df42
commit 45bd910db6
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/console/console.go
View File

@@ -65,7 +65,10 @@ func csp(zitadelDomain string) *middleware.CSP {
csp.StyleSrc = csp.StyleSrc.AddInline().AddHost("fonts.googleapis.com").AddHost("maxst.icons8.com") //TODO: host it
csp.FontSrc = csp.FontSrc.AddHost("fonts.gstatic.com").AddHost("maxst.icons8.com") //TODO: host it
csp.ScriptSrc = csp.ScriptSrc.AddEval()
csp.ConnectSrc = csp.ConnectSrc.AddHost(zitadelDomain)
csp.ConnectSrc = csp.ConnectSrc.AddHost(zitadelDomain).
AddHost("fonts.googleapis.com").
AddHost("fonts.gstatic.com").
AddHost("maxst.icons8.com") //TODO: host it
return &csp
}