grafana CSP backward compatible with older browsers
This commit is contained in:
parent
d4d1e2e922
commit
303de935d5
@ -37,6 +37,11 @@ matrix_grafana_default_admin_password: admin
|
|||||||
# [Content Security Policy](https://grafana.com/docs/grafana/latest/administration/configuration/#content_security_policy)
|
# [Content Security Policy](https://grafana.com/docs/grafana/latest/administration/configuration/#content_security_policy)
|
||||||
matrix_grafana_content_security_policy: true
|
matrix_grafana_content_security_policy: true
|
||||||
|
|
||||||
|
# specify content security policy template to customized template
|
||||||
|
# added 'unsafe-inline' (ignored by browsers supporting nonces/hashes) to be backward compatible with older browsers.
|
||||||
|
# added https: and http: url schemes (ignored by browsers supporting 'strict-dynamic') to be backward compatible with older browsers.
|
||||||
|
matrix_grafana_content_security_policy_customized: true
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
# A list of extra arguments to pass to the container
|
||||||
matrix_grafana_container_extra_arguments: []
|
matrix_grafana_container_extra_arguments: []
|
||||||
|
|
||||||
|
@ -8,6 +8,12 @@ admin_password = """{{ matrix_grafana_default_admin_password }}"""
|
|||||||
# specify content_security_policy to add the Content-Security-Policy header to your requests
|
# specify content_security_policy to add the Content-Security-Policy header to your requests
|
||||||
content_security_policy = "{{ matrix_grafana_content_security_policy }}"
|
content_security_policy = "{{ matrix_grafana_content_security_policy }}"
|
||||||
|
|
||||||
|
# specify content security policy template to customized template
|
||||||
|
{% if matrix_synapse_metrics_enabled %}
|
||||||
|
content_security_policy_template = """script-src http: https: 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data:;base-uri 'self';connect-src 'self' grafana.com;manifest-src 'self';media-src 'none';form-action 'self';"""
|
||||||
|
{% else %}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
[auth.anonymous]
|
[auth.anonymous]
|
||||||
# enable anonymous access
|
# enable anonymous access
|
||||||
enabled = {{ matrix_grafana_anonymous_access }}
|
enabled = {{ matrix_grafana_anonymous_access }}
|
||||||
|
Loading…
Reference in New Issue
Block a user