Commit dcb65a1d authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_web_frontend_selector: update default CSP

parent ab87a9cd
......@@ -13,7 +13,7 @@ response.setHeader('Content-Type', 'text/plain')
response.setHeader("Content-Security-Policy", "default-src 'none'; img-src 'self' data:; media-src 'self'; connect-src 'self' mail.tiolive.com *.erp5.cn; script-src 'self' 'unsafe-eval'; font-src netdna.bootstrapcdn.com; style-src 'self' netdna.bootstrapcdn.com 'unsafe-inline' data:; frame-src 'self' data:")
response.setHeader("Access-Control-Allow-Origin", "http://demoapp.node.grandenet.cn")
response.setHeader("Access-Control-Allow-Origin", "https://selector.node.grandenet.cn")
return """
###################################################################################
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment