mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-12-25 07:47:05 +00:00
CSP header disrupts roundcube
This commit is contained in:
parent
0392b07008
commit
d359cef13e
@ -217,7 +217,7 @@ def make_domain_config(domain, templates, ssl_certificates, env):
|
|||||||
|
|
||||||
nginx_conf_extra += "\tadd_header X-Frame-Options \"SAMEORIGIN\" always;\n"
|
nginx_conf_extra += "\tadd_header X-Frame-Options \"SAMEORIGIN\" always;\n"
|
||||||
nginx_conf_extra += "\tadd_header X-Content-Type-Options nosniff;\n"
|
nginx_conf_extra += "\tadd_header X-Content-Type-Options nosniff;\n"
|
||||||
nginx_conf_extra += "\tadd_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;frame-ancestors 'self'\";\n"
|
nginx_conf_extra += "\tadd_header Content-Security-Policy-Report-Only \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;frame-ancestors 'self'\";\n"
|
||||||
nginx_conf_extra += "\tadd_header Referrer-Policy \"strict-origin\";\n"
|
nginx_conf_extra += "\tadd_header Referrer-Policy \"strict-origin\";\n"
|
||||||
|
|
||||||
# Add in any user customizations in the includes/ folder.
|
# Add in any user customizations in the includes/ folder.
|
||||||
|
Loading…
Reference in New Issue
Block a user