From 49561929718751a9cda530227a9aa61178e1a6ca Mon Sep 17 00:00:00 2001 From: Markus Baumann Date: Mon, 29 May 2017 14:04:38 +0200 Subject: [PATCH] BKKVBU-1694 Allow zone35 form domain in csp --- .../dev-web01-meine-krankenkasse-de.pixelpark.net.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml b/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml index 23c06b3a..1c698584 100644 --- a/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml +++ b/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml @@ -44,8 +44,8 @@ infra::profile::apache::pp_vhosts: - 'set X-Content-Type-Options: nosniff' - 'set X-XSS-Protection: "1; mode=block"' - 'set X-Frame-Options: "ALLOW-FROM https://dev-cms01-meine-krankenkasse-de.pixelpark.net"' - - "set Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' webstats.pixelpark.com; child-src 'self'; frame-ancestors 'self'\"" - - "set X-Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' webstats.pixelpark.com; child-src 'self'; frame-ancestors 'self'\"" + - "set Content-Security-Policy: \"default-src 'self' bkk-vorteilsrechner.de; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' webstats.pixelpark.com; child-src 'self'; frame-ancestors 'self'\"" + - "set X-Content-Security-Policy: \"default-src 'self' bkk-vorteilsrechner.de; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' webstats.pixelpark.com; child-src 'self'; frame-ancestors 'self'\"" headers_ssl: - 'always set Strict-Transport-Security "max-age=31556926"' custom_fragment: | -- 2.39.5