Skip to content

Commit

Permalink
fix: allow static assets from cdn.getunleash.io
Browse files Browse the repository at this point in the history
  • Loading branch information
@ivarconr
ivarconr committed Jan 6, 2022
1 parent 571dcf5 commit 73685c7
Showing 1 changed file with 10 additions and 3 deletions.
13 changes: 10 additions & 3 deletions src/lib/middleware/secure-headers.ts
View file
Expand Up @@ -13,21 +13,28 @@ const secureHeaders: (config: IUnleashConfig) => RequestHandler = (config) => {
},
contentSecurityPolicy: {
directives: {
defaultSrc: ["'self'"],
defaultSrc: ["'self'", 'cdn.getunleash.io'],
fontSrc: [
"'self'",
'cdn.getunleash.io',
'fonts.googleapis.com',
'fonts.gstatic.com',
],
styleSrc: [
"'self'",
"'unsafe-inline'",
'cdn.getunleash.io',
'fonts.googleapis.com',
'fonts.gstatic.com',
'data:',
],
scriptSrc: ["'self'"],
imgSrc: ["'self'", 'data:', 'gravatar.com'],
scriptSrc: ["'self'", 'cdn.getunleash.io'],
imgSrc: [
"'self'",
'data:',
'cdn.getunleash.io',
'gravatar.com',
],
},
},
});
Expand Down

1 comment on commit 73685c7

@vercel
Copy link

@vercel vercel bot commented on 73685c7 Jan 6, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Successfully deployed to the following URLs:

Please sign in to comment.