Merge pull request #1036 from sakkiii/grafana-csp
Grafana csp template backward compatible with older browsers
This commit is contained in:
commit
c19508087a
@ -37,6 +37,13 @@ matrix_grafana_default_admin_password: admin
|
||||
# [Content Security Policy](https://grafana.com/docs/grafana/latest/administration/configuration/#content_security_policy)
|
||||
matrix_grafana_content_security_policy: true
|
||||
|
||||
# specify content security policy template to customized template
|
||||
# added 'unsafe-inline' (ignored by browsers supporting nonces/hashes) to be backward compatible with older browsers.
|
||||
# added https: and http: url schemes (ignored by browsers supporting 'strict-dynamic') to be backward compatible with older browsers.
|
||||
# [Content Security Policy Browser Test] (https://content-security-policy.com/browser-test/)
|
||||
# [Content Security Policy Reference](https://content-security-policy.com/script-src/)
|
||||
matrix_grafana_content_security_policy_customized: true
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_grafana_container_extra_arguments: []
|
||||
|
||||
|
@ -8,6 +8,11 @@ admin_password = """{{ matrix_grafana_default_admin_password }}"""
|
||||
# specify content_security_policy to add the Content-Security-Policy header to your requests
|
||||
content_security_policy = "{{ matrix_grafana_content_security_policy }}"
|
||||
|
||||
# specify content security policy template to customized template
|
||||
{% if matrix_grafana_content_security_policy_customized %}
|
||||
content_security_policy_template = """script-src http: https: 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data:;base-uri 'self';connect-src 'self' grafana.com;manifest-src 'self';media-src 'none';form-action 'self';"""
|
||||
{% endif %}
|
||||
|
||||
[auth.anonymous]
|
||||
# enable anonymous access
|
||||
enabled = {{ matrix_grafana_anonymous_access }}
|
||||
|
Loading…
Reference in New Issue
Block a user