refactor: allow loading resources from https://gigadb.org

gigascience · Oct 11, 2024 · a707738 · a707738
1 parent 8a81e28
commit a707738
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/ops/configuration/nginx-conf/sites/nginx.target_deployment.https.conf.dist b/ops/configuration/nginx-conf/sites/nginx.target_deployment.https.conf.dist
@@ -8,7 +8,7 @@ server {
  add_header X-Content-Type-Options nosniff;
  add_header X-Frame-Options DENY;
  add_header X-XSS-Protection "1; mode=block";
- add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' http://gigadb.org https://www.rosaceae.org *.protocols.io https://sketchfab.com https://codeocean.com *.hypothes.is *.datatables.net *.cloudflare.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.matomo.cloud *.hypothes.is *.datatables.net *.cloudflare.com *.google-analytics.com https://www.rosaceae.org https://www.protocols.io https://hypothes.is https://codeocean.com https://tumormap.ucsc.edu https://openlayers.org/en/v4.6.5/build/ol.js https://cdn.jsdelivr.net/npm/ol@v8.1.0/dist/ol.js; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/npm/ol@v8.1.0/ol.css https://cdnjs.cloudflare.com https://cdn.hypothes.is/hypothesis/1.1524.0/build/styles/annotator.css https://cdn.hypothes.is/hypothesis/1.1524.0/build/styles/highlights.css; frame-src https://www.protocols.io https://hypothes.is https://www.rosaceae.org https://sketchfab.com https://codeocean.com https://tumormap.ucsc.edu; child-src https://www.protocols.io https://hypothes.is https://www.rosaceae.org https://sketchfab.com https://codeocean.com https://tumormap.ucsc.edu; worker-src 'self' blob:; img-src blob: data: 'self' https://assets.gigadb-cdn.net https://tile.openstreetmap.org; connect-src 'self' https://*.matomo.cloud; report-uri https://gigadb.report-uri.com/r/d/csp/enforce;";
+ add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' https://gigadb.org https://www.rosaceae.org *.protocols.io https://sketchfab.com https://codeocean.com *.hypothes.is *.datatables.net *.cloudflare.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.matomo.cloud *.hypothes.is *.datatables.net *.cloudflare.com *.google-analytics.com https://www.rosaceae.org https://www.protocols.io https://hypothes.is https://codeocean.com https://tumormap.ucsc.edu https://openlayers.org/en/v4.6.5/build/ol.js https://cdn.jsdelivr.net/npm/ol@v8.1.0/dist/ol.js; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/npm/ol@v8.1.0/ol.css https://cdnjs.cloudflare.com https://cdn.hypothes.is/hypothesis/1.1524.0/build/styles/annotator.css https://cdn.hypothes.is/hypothesis/1.1524.0/build/styles/highlights.css; frame-src https://www.protocols.io https://hypothes.is https://www.rosaceae.org https://sketchfab.com https://codeocean.com https://tumormap.ucsc.edu; child-src https://www.protocols.io https://hypothes.is https://www.rosaceae.org https://sketchfab.com https://codeocean.com https://tumormap.ucsc.edu; worker-src 'self' blob:; img-src blob: data: 'self' https://assets.gigadb-cdn.net https://tile.openstreetmap.org; connect-src 'self' https://*.matomo.cloud; report-uri https://gigadb.report-uri.com/r/d/csp/enforce;";
  add_header Content-Security-Policy-Report-Only "default-src 'self' https://gigadb.org; script-src 'self' https://*.matomo.cloud https://*.hypothes.is https://*.datatables.net https://*.cloudflare.com https://*.google-analytics.com https://www.rosaceae.org https://www.protocols.io https://hypothes.is https://codeocean.com https://tumormap.ucsc.edu https://openlayers.org/en/v4.6.5/build/ol.js https://cdn.jsdelivr.net/npm/ol@v8.1.0/dist/ol.js; style-src 'self' https://cdn.jsdelivr.net/npm/ol@v8.1.0/ol.css https://cdnjs.cloudflare.com https://cdn.hypothes.is/hypothesis/1.1524.0/build/styles/annotator.css https://cdn.hypothes.is/hypothesis/1.1524.0/build/styles/highlights.css; frame-src https://www.protocols.io https://hypothes.is https://www.rosaceae.org https://sketchfab.com https://codeocean.com https://tumormap.ucsc.edu; child-src https://www.protocols.io https://hypothes.is https://www.rosaceae.org https://sketchfab.com https://codeocean.com https://tumormap.ucsc.edu; worker-src 'self' blob:; connect-src 'self' https://*.matomo.cloud; report-uri https://gigadb.report-uri.com/r/d/csp/reportOnly;";
 
  # Cors headers