Skip to content

Commit

Permalink
added a content-security-policy (#987) (#1012)
Browse files Browse the repository at this point in the history 
* added a content-security-policy

* added connect-src directive and required form urls

* removed extra script-src directive

* added usage.teleport.dev
  • Loading branch information
@avatus
avatus authored Jul 25, 2022
1 parent b964858 commit aa56eb4
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions web/packages/teleterm/webpack.renderer.extend.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ function createHtmlPlugin() {
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="referrer" content="no-referrer" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; connect-src 'self' https://kcwm2is93l.execute-api.us-west-2.amazonaws.com/prod https://usage.teleport.dev; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; object-src 'none'; font-src 'self' data:">
</head>
<body>
<div id="app"></div>
Expand Down

0 comments on commit aa56eb4

Please sign in to comment.