other/Puppet: manifests/templates.pp comparison

comparison manifests/templates.pp @ 460:ce488cfb225a

Fix CSP headers for WordPress admin panel

author	IBBoard <dev@ibboard.co.uk>
date	Sun, 10 Sep 2023 09:48:49 +0100
parents	d7af40e44502
children	5c97adb07a0a

comparison

equal deleted inserted replaced

-:d7af40e44502
+:ce488cfb225a
 		docroot_group => 'editors',
 		letsencrypt_name => 'bdstrike.co.uk',
 		custom_fragment => template("privat/apache/bdstrike.fragment"),
 		csp_override => {
 			"report-uri" => "https://ibboard.report-uri.com/r/d/csp/enforce",
-			"font-src" => "'self' https://fonts.gstatic.com/ data:",
+			"font-src" => "'self' https://fonts.gstatic.com/ https://s0.wp.com/i/fonts/inter/ data:",
 			"img-src" => "'self' https://secure.gravatar.com/ https://ps.w.org/ https://s.w.org/ data:",
 			"style-src" => "'self' https://fonts.googleapis.com/ 'unsafe-inline'",
 			"connect-src" => "'self' https://www.sandbox.paypal.com/ https://www.paypal.com/",
 			"frame-ancestors" => "'self'"
 		},
 		csp_report_override => {
 			"report-uri" => "https://ibboard.report-uri.com/r/d/csp/reportOnly",
-			"font-src" => "'self' https://fonts.gstatic.com/ data:", # TODO: What's generating it?
+			"font-src" => "'self' https://fonts.gstatic.com/ https://s0.wp.com/i/fonts/inter/ data:", # TODO: What's generating it?
 			"img-src" => "'self' https://secure.gravatar.com/ data:",
-			"style-src" => "'self' https://fonts.googleapis.com/ 'nonce-%{CSP_NONCE}e' 'unsafe-hashes' 'sha256-anQSeQoEnQnBulZOQkDOFf+e6xBIGmqh7M8YFT992co=' 'sha256-zJDyuABAg68wtWDFyIh+RRe+6Vm/r+BLwaNRCGNVyXI=' 'sha256-qMalr/MPLUDW4lX/rq/cGp1Eu/H0cu0Yg98pdu69Jxs=' 'sha256-mshqJ+hidJMRDeNLHknuDAeYLOPg2OTIIA3nZmHgi9U=' 'sha256-YnRUd/QjP/NuFgfjMHhNfMCqXh0RQIGdvQfMCOf6qkw=' 'sha256-EwdiFJgqhefinoeAymrWxOYW4kza2Ekos5MY0PlXYI0=' 'sha256-G4K9vh8e+37+l69S+lHTyX3CfcK95mQUgyxYPCb7uME=' 'sha256-t6oewASd7J1vBg5mQtX4hl8bg8FeegYFM3scKLIhYUc=' 'sha256-mAQYxa3mIYqoLBrm1zLu6sLajr8vUHVFLYNpl6dAakM=' 'sha256-A8foknjCsFBi1PlRehOrHq0pVySigUurqAUgZ2y2U8c=' 'sha256-biLFinpqYMtWHmXfkA1BPeCY0/fNt46SAZ+BBk5YUog=' 'sha256-WzSByVQ8yW/DKrr77TWVt7WEMzueRcfJZImOkjTBKmc=' 'sha256-efof3agGBAL/yN8TplyNbLEgDZ3wIGMK3UMYbe8slkA='",
+			"style-src" => "'self' https://fonts.googleapis.com/ https://ajax.googleapis.com/ajax/libs/jqueryui/ 'nonce-%{CSP_NONCE}e' 'unsafe-hashes' 'sha256-anQSeQoEnQnBulZOQkDOFf+e6xBIGmqh7M8YFT992co=' 'sha256-zJDyuABAg68wtWDFyIh+RRe+6Vm/r+BLwaNRCGNVyXI=' 'sha256-qMalr/MPLUDW4lX/rq/cGp1Eu/H0cu0Yg98pdu69Jxs=' 'sha256-mshqJ+hidJMRDeNLHknuDAeYLOPg2OTIIA3nZmHgi9U=' 'sha256-YnRUd/QjP/NuFgfjMHhNfMCqXh0RQIGdvQfMCOf6qkw=' 'sha256-EwdiFJgqhefinoeAymrWxOYW4kza2Ekos5MY0PlXYI0=' 'sha256-G4K9vh8e+37+l69S+lHTyX3CfcK95mQUgyxYPCb7uME=' 'sha256-t6oewASd7J1vBg5mQtX4hl8bg8FeegYFM3scKLIhYUc=' 'sha256-mAQYxa3mIYqoLBrm1zLu6sLajr8vUHVFLYNpl6dAakM=' 'sha256-A8foknjCsFBi1PlRehOrHq0pVySigUurqAUgZ2y2U8c=' 'sha256-biLFinpqYMtWHmXfkA1BPeCY0/fNt46SAZ+BBk5YUog=' 'sha256-WzSByVQ8yW/DKrr77TWVt7WEMzueRcfJZImOkjTBKmc=' 'sha256-efof3agGBAL/yN8TplyNbLEgDZ3wIGMK3UMYbe8slkA='",
+			"script-src" => "'self' 'nonce-%{CSP_NONCE}e' 'sha256-hPnbct+H2uwUiwoh3kect6TJt4waDlLPfj47TO58lXc=' 'sha256-80Mr5Xc2f6hVSJwvFRRcNjAI9RMcnuTVAIzr6pIQswI=' 'sha256-zwGmIUR+Z6gWKbwoJ2Z3yGxI/XLETLqDqCRIV0qt/WA='",
 			"connect-src" => "'self' https://www.sandbox.paypal.com/ https://www.paypal.com/",
 		},
 	}
 	cron { 'wordpress_cron':

Mercurial > repos > other > Puppet

comparison manifests/templates.pp @ 460:ce488cfb225a