IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2024-11-26 10:50:37 -06:00
Code Issues Packages Projects Releases Wiki Activity
30,733 Commits 5,089 Branches 538 Tags 1.9 GiB
3ca00f90b5
Commit Graph

4 Commits

Author SHA1 Message Date
kay delaney
8143991b94
Security: Update default CSP template and fix firefox CSP issues (#34836) 
* Security: Update default content_security_policy_template
- Add 'strict-dynamic' back to script-src
- Add ws(s)://$ROOT_PATH to connect-src
- Change onEvent to on-event in angular templates to fix CSP issues in firefox.
- Add blob: to style-src
 2021-05-28 17:01:10 +02:00
Arve Knudsen
aed1c013c0
CSP: Relax default template wrt. loading of scripts, due to nonces not working (#34363) 
* CSP: Relax default template, due to nonces not working

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* CSP: Add back data: to img-src

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
 2021-05-19 11:37:14 +02:00
Arve Knudsen
d1a9044171
CSP: Allow all image sources by default (#34265) 
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
 2021-05-18 13:41:55 +02:00
Arve Knudsen
50b649a869
Middleware: Add CSP support (#29740) 
* Middleware: Add support for CSP

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored by @iOrcohen
 2021-01-12 07:42:32 +01:00