Adjust CSP for Element
This commit is contained in:
parent
42c5c3e237
commit
9ebf2339b8
|
@ -63,21 +63,21 @@ job "matrix" {
|
|||
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.matrix-admin.entrypoints=https",
|
||||
"traefik.http.middlewares.csp-matrix-admin.headers.contentsecuritypolicy=connect-src 'self' https://scalar.vector.im https://api.maptiler.com;default-src 'self';font-src 'self' data:;frame-src 'self' blob: https://scalar.vector.im/ https://meet.element.io;img-src 'self' data: blob: https://img.youtube.com https://*.ytimg.com;script-src 'self' https://usercontent.riot.im https://scalar.vector.im;style-src 'self' 'unsafe-inline';worker-src 'self' blob:;",
|
||||
"traefik.http.middlewares.csp-matrix-admin.headers.contentsecuritypolicy=connect-src 'self' https://scalar.vector.im https://vector.im https://api.maptiler.com;default-src 'self';font-src 'self' data:;frame-src 'self' blob: https://scalar.vector.im/ https://meet.element.io;img-src 'self' data: blob: https://img.youtube.com https://*.ytimg.com;script-src 'self' 'unsafe-eval' https://usercontent.riot.im https://scalar.vector.im;style-src 'self' 'unsafe-inline';worker-src 'self' blob:;",
|
||||
"traefik.http.routers.matrix-admin.middlewares=security-headers@file,rate-limit-std@file,forward-proto@file,inflight-std@file,hsts@file,compression@file,csp-matrix-admin",
|
||||
|
||||
"traefik.http.routers.matrix-admin.rule=Host(`matrix.consul`) && PathPrefix(`/_admin`)",
|
||||
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.matrix-synapse-admin.entrypoints=https",
|
||||
"traefik.http.middlewares.csp-matrix-synapse-admin.headers.contentsecuritypolicy=connect-src 'self' https://scalar.vector.im https://api.maptiler.com;default-src 'self';font-src 'self' data:;frame-src 'self' blob: https://scalar.vector.im/ https://meet.element.io;img-src 'self' data: blob: https://img.youtube.com https://*.ytimg.com;script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline';worker-src 'self' blob:;",
|
||||
"traefik.http.middlewares.csp-matrix-synapse-admin.headers.contentsecuritypolicy=connect-src 'self' https://scalar.vector.im https://vector.im https://api.maptiler.com;default-src 'self';font-src 'self' data:;frame-src 'self' blob: https://scalar.vector.im/ https://meet.element.io;img-src 'self' data: blob: https://img.youtube.com https://*.ytimg.com;script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline';worker-src 'self' blob:;",
|
||||
"traefik.http.routers.matrix-synapse-admin.middlewares=security-headers@file,rate-limit-std@file,forward-proto@file,inflight-std@file,hsts@file,compression@file,csp-matrix-synapse-admin",
|
||||
|
||||
"traefik.http.routers.matrix.rule=Host(`matrix.consul`) || (Host(`matrix.consul`) && PathRegexp(`^/(_(synapse|matrix)|\\.well-known/matrix)/.*`))",
|
||||
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.matrix.entrypoints=https",
|
||||
"traefik.http.middlewares.csp-matrix.headers.contentsecuritypolicy=connect-src 'self' https://scalar.vector.im https://api.maptiler.com;default-src 'self';font-src 'self' data:;frame-src 'self' blob: https://scalar.vector.im/ https://meet.element.io;img-src 'self' data: blob: https://img.youtube.com https://*.ytimg.com;script-src 'self' https://usercontent.riot.im https://scalar.vector.im;style-src 'self' 'unsafe-inline';worker-src 'self' blob:;",
|
||||
"traefik.http.middlewares.csp-matrix.headers.contentsecuritypolicy=connect-src 'self' https://scalar.vector.im https://vector.im https://api.maptiler.com;default-src 'self';font-src 'self' data:;frame-src 'self' blob: https://scalar.vector.im/ https://meet.element.io;img-src 'self' data: blob: https://img.youtube.com https://*.ytimg.com;script-src 'self' 'unsafe-eval' https://usercontent.riot.im https://scalar.vector.im;style-src 'self' 'unsafe-inline';worker-src 'self' blob:;",
|
||||
"traefik.http.routers.matrix.middlewares=security-headers@file,rate-limit-std@file,forward-proto@file,inflight-std@file,hsts@file,compression@file,csp-matrix",
|
||||
|
||||
]
|
||||
|
|
|
@ -135,9 +135,9 @@ matrix:
|
|||
|
||||
# Element will need some custom CSP
|
||||
csp:
|
||||
script-src: "'self' https://usercontent.riot.im https://scalar.vector.im"
|
||||
script-src: "'self' 'unsafe-eval' https://usercontent.riot.im https://scalar.vector.im"
|
||||
worker-src: "'self' blob:"
|
||||
connect-src: "'self' https://scalar.vector.im https://api.maptiler.com"
|
||||
connect-src: "'self' https://scalar.vector.im https://vector.im https://api.maptiler.com"
|
||||
img-src: "'self' data: blob: https://img.youtube.com https://*.ytimg.com"
|
||||
frame-src: "'self' blob: https://scalar.vector.im/ https://meet.element.io"
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user