Commit 0243d5c8 authored by Roque's avatar Roque

Fix OJS apps CSP

See merge request nexedi/erp5!1725
parents d15110ec 46e06ed6
Pipeline #26090 failed with stage
...@@ -421,7 +421,7 @@ ...@@ -421,7 +421,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_view_action_reference</string> </key> <key> <string>configuration_default_view_action_reference</string> </key>
...@@ -738,7 +738,7 @@ ...@@ -738,7 +738,7 @@
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>997.11689.44498.47257</string> </value> <value> <string>1005.49121.23999.34525</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -756,7 +756,7 @@ ...@@ -756,7 +756,7 @@
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1640886173.32</float> <float>1674149649.04</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -357,7 +357,7 @@ ...@@ -357,7 +357,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_jio_document_page_gadget_url</string> </key> <key> <string>configuration_default_jio_document_page_gadget_url</string> </key>
...@@ -662,7 +662,7 @@ WebSection_getCodemirrorEditorPrecacheManifestList</string> </value> ...@@ -662,7 +662,7 @@ WebSection_getCodemirrorEditorPrecacheManifestList</string> </value>
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>997.11689.44498.47257</string> </value> <value> <string>1005.49128.63650.24456</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -680,7 +680,7 @@ WebSection_getCodemirrorEditorPrecacheManifestList</string> </value> ...@@ -680,7 +680,7 @@ WebSection_getCodemirrorEditorPrecacheManifestList</string> </value>
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1640886184.37</float> <float>1674149663.47</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -336,7 +336,7 @@ ...@@ -336,7 +336,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_jio_document_page_gadget_url</string> </key> <key> <string>configuration_default_jio_document_page_gadget_url</string> </key>
...@@ -675,7 +675,7 @@ WebSection_getNotebookEditorPrecacheManifestList</string> </value> ...@@ -675,7 +675,7 @@ WebSection_getNotebookEditorPrecacheManifestList</string> </value>
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>987.46563.1005.57053</string> </value> <value> <string>1005.49121.23999.34525</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -693,7 +693,7 @@ WebSection_getNotebookEditorPrecacheManifestList</string> </value> ...@@ -693,7 +693,7 @@ WebSection_getNotebookEditorPrecacheManifestList</string> </value>
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1604344587.21</float> <float>1673981295.55</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -367,7 +367,7 @@ ...@@ -367,7 +367,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' *; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_jio_document_page_gadget_url</string> </key> <key> <string>configuration_default_jio_document_page_gadget_url</string> </key>
...@@ -680,7 +680,7 @@ WebSection_getSlideshowEditorPrecacheManifestList</string> </value> ...@@ -680,7 +680,7 @@ WebSection_getSlideshowEditorPrecacheManifestList</string> </value>
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>997.11689.44498.47257</string> </value> <value> <string>999.57642.21478.16725</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -698,7 +698,7 @@ WebSection_getSlideshowEditorPrecacheManifestList</string> </value> ...@@ -698,7 +698,7 @@ WebSection_getSlideshowEditorPrecacheManifestList</string> </value>
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1640884573.63</float> <float>1673976077.79</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -367,7 +367,7 @@ ...@@ -367,7 +367,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_jio_document_page_gadget_url</string> </key> <key> <string>configuration_default_jio_document_page_gadget_url</string> </key>
...@@ -677,7 +677,7 @@ WebSection_getSvgEditorPrecacheManifestList</string> </value> ...@@ -677,7 +677,7 @@ WebSection_getSvgEditorPrecacheManifestList</string> </value>
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>997.11689.44498.47257</string> </value> <value> <string>1005.49121.23999.34525</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -695,7 +695,7 @@ WebSection_getSvgEditorPrecacheManifestList</string> </value> ...@@ -695,7 +695,7 @@ WebSection_getSvgEditorPrecacheManifestList</string> </value>
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1640885760.54</float> <float>1673981176.09</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -407,7 +407,7 @@ ...@@ -407,7 +407,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_view_action_reference</string> </key> <key> <string>configuration_default_view_action_reference</string> </key>
...@@ -724,7 +724,7 @@ ...@@ -724,7 +724,7 @@
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>997.11693.3821.1075</string> </value> <value> <string>1000.61481.3626.18739</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -742,7 +742,7 @@ ...@@ -742,7 +742,7 @@
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1640886351.28</float> <float>1674143927.23</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -367,7 +367,7 @@ ...@@ -367,7 +367,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_jio_document_page_gadget_url</string> </key> <key> <string>configuration_default_jio_document_page_gadget_url</string> </key>
...@@ -680,7 +680,7 @@ WebSection_getJexcelEditorPrecacheManifestList</string> </value> ...@@ -680,7 +680,7 @@ WebSection_getJexcelEditorPrecacheManifestList</string> </value>
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>997.11693.3821.1075</string> </value> <value> <string>1005.49131.55146.46899</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -698,7 +698,7 @@ WebSection_getJexcelEditorPrecacheManifestList</string> </value> ...@@ -698,7 +698,7 @@ WebSection_getJexcelEditorPrecacheManifestList</string> </value>
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1640886369.63</float> <float>1674143936.33</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment