From be1d1d0b7c38b9081cc014ac012d985b9acb1b1a Mon Sep 17 00:00:00 2001 From: sakkiii <11132948+sakkiii@users.noreply.github.com> Date: Wed, 9 Jun 2021 00:52:52 +0530 Subject: [PATCH] matrix_grafana_content_security_policy_customized default false --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 286922e87..a565edd0d 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -41,7 +41,7 @@ matrix_grafana_content_security_policy: true # added https: and http: url schemes (ignored by browsers supporting 'strict-dynamic') to be backward compatible with older browsers. # [Content Security Policy Browser Test] (https://content-security-policy.com/browser-test/) # [Content Security Policy Reference](https://content-security-policy.com/script-src/) -matrix_grafana_content_security_policy_customized: true +matrix_grafana_content_security_policy_customized: false matrix_grafana_content_security_policy_template: "script-src 'self' 'unsafe-eval' 'unsafe-inline' http: https: 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline' blob:;img-src * data:;base-uri 'self';connect-src 'self' grafana.com ws://$ROOT_PATH wss://$ROOT_PATH;manifest-src 'self';media-src 'none';form-action 'self';" # A list of extra arguments to pass to the container