You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/08/03 02:35:02 UTC

[GitHub] [apisix-dashboard] bzp2010 commented on a diff in pull request #2548: doc(csp): add correct csp rule

bzp2010 commented on code in PR #2548:
URL: https://github.com/apache/apisix-dashboard/pull/2548#discussion_r936182632


##########
api/conf/conf.yaml:
##########
@@ -66,8 +66,7 @@ conf:
   #   access_control_allow_headers: "Authorization"
   #   access_control-allow_methods: "*"
   #   x_frame_options: "deny"
-  #   content_security_policy: ""default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'""
-
+  #   content_security_policy: "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src xx.xx.xx.xx:3000"  # You can set frame-src to provide content for your grafana panel.

Review Comment:
   I think it's acceptable for now, and when we merge it to the `next` branch it will be modified according to the new format. 🤔



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org