]> Frank Brehm's Git Trees - pixelpark/hiera.git/commitdiff
projects / pixelpark / hiera.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f85032f)
spk-spar-checker Content-Security-Policy temp disabled
authorAndreas Gerstenberg <gerstenberg@pixelpark.com>
Mon, 4 Sep 2017 12:17:00 +0000 (14:17 +0200)
committerAndreas Gerstenberg <gerstenberg@pixelpark.com>
Mon, 4 Sep 2017 12:17:00 +0000 (14:17 +0200)
customer/spk-spar-checker/production.yaml patch | blob | history
customer/spk-spar-checker/test.yaml patch | blob | history

diff --git a/customer/spk-spar-checker/production.yaml b/customer/spk-spar-checker/production.yaml
index be4f276bb2ebac54f95052b887c6ae4f2954d85a..f4d6376b381b056a4765b8ee117eb168e7e7c6a4 100644 (file)
--- a/customer/spk-spar-checker/production.yaml
+++ b/customer/spk-spar-checker/production.yaml
@@ -40,7 +40,7 @@ infra::profile::apache::pp_vhosts:
       - 'always set X-XSS-Protection "1; mode=block"'
       - 'always set X-Frame-Options "SAMEORIGIN"'
       - 'always set X-Content-Type-Options "nosniff"'
-      - "set Content-Security-Policy \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
+#      - "set Content-Security-Policy \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
     aliases:
       - { alias: /api , path: /var/www/spar-checker/sparchecker-backend/public/api }
       - { alias: /sfp , path: /var/www/spar-checker/sparchecker-backend/public/sfp }
diff --git a/customer/spk-spar-checker/test.yaml b/customer/spk-spar-checker/test.yaml
index eb8b612528fcfdeed265bd7fac08ce57dae45119..d04f79c3e43a3417970b1cc57db860a93b1be363 100644 (file)
--- a/customer/spk-spar-checker/test.yaml
+++ b/customer/spk-spar-checker/test.yaml
@@ -38,7 +38,7 @@ infra::profile::apache::pp_vhosts:
       - 'always set X-XSS-Protection "1; mode=block"'
       - 'always set X-Frame-Options "SAMEORIGIN"'
       - 'always set X-Content-Type-Options "nosniff"'
-      - "set Content-Security-Policy \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
+#      - "set Content-Security-Policy \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
     aliases:
       - { alias: /api , path: /var/www/spar-checker/sparchecker-backend/public/api }
       - { alias: /sfp , path: /var/www/spar-checker/sparchecker-backend/public/sfp }
Unnamed repository; edit this file 'description' to name the repository.