slapos_web_frontend_selector: update default CSP

dcb65a1d · Rafael Monnerat · ab87a9cd · dcb65a1d
Commit dcb65a1d authored Apr 13, 2023 by Rafael Monnerat
Showing with 1 addition and 1 deletion

master/bt5/slapos_web_frontend_selector/SkinTemplateItem/portal_skins/slapos_frontend_selector_theme/WebSite_getTestFrontendResponse.py ...rontend_selector_theme/WebSite_getTestFrontendResponse.py +1 -1

No files found.
--- a/master/bt5/slapos_web_frontend_selector/SkinTemplateItem/portal_skins/slapos_frontend_selector_theme/WebSite_getTestFrontendResponse.py
+++ b/master/bt5/slapos_web_frontend_selector/SkinTemplateItem/portal_skins/slapos_frontend_selector_theme/WebSite_getTestFrontendResponse.py
@@ -13,7 +13,7 @@ response.setHeader('Content-Type', 'text/plain')

 response.setHeader("Content-Security-Policy", "default-src 'none'; img-src 'self' data:; media-src 'self'; connect-src 'self' mail.tiolive.com *.erp5.cn; script-src 'self' 'unsafe-eval'; font-src netdna.bootstrapcdn.com; style-src 'self' netdna.bootstrapcdn.com 'unsafe-inline' data:; frame-src 'self' data:")

-response.setHeader("Access-Control-Allow-Origin", "http://demoapp.node.grandenet.cn")
+response.setHeader("Access-Control-Allow-Origin", "https://selector.node.grandenet.cn")

 return """
 ###################################################################################