Commit 8479db4a authored by Niels's avatar Niels Committed by Niels

chore(): allow loading external stylesheets from Same Origin #60

parent 162f41e2
......@@ -59,14 +59,14 @@ metadata: {{ include "don.common.metadata" . | nindent 2 }}
more_set_headers "X-Frame-Options: deny";
more_set_headers "X-Content-Type-Options: nosniff";
more_set_headers "X-XSS-Protection: 1; mode=block";
more_set_headers "Content-Security-Policy: default-src 'self'; style-src 'unsafe-inline';";
more_set_headers "Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline';";
more_set_headers "Referrer-Policy: same-origin";
{{ else }}
ingress.kubernetes.io/frame-deny: "true"
ingress.kubernetes.io/content-type-nosniff: "true"
ingress.kubernetes.io/browser-xss-filter: "true"
ingress.kubernetes.io/referrer-policy: "same-origin"
ingress.kubernetes.io/content-security-policy: "default-src 'self'; style-src 'unsafe-inline';"
ingress.kubernetes.io/content-security-policy: "default-src 'self'; style-src 'self' 'unsafe-inline';"
ingress.kubernetes.io/hsts-max-age: "315360000"
{{ end }}
spec:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment