Mercurial > repos > other > Puppet
comparison manifests/templates.pp @ 460:ce488cfb225a
Fix CSP headers for WordPress admin panel
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Sun, 10 Sep 2023 09:48:49 +0100 |
parents | d7af40e44502 |
children | 5c97adb07a0a |
comparison
equal
deleted
inserted
replaced
459:d7af40e44502 | 460:ce488cfb225a |
---|---|
869 docroot_group => 'editors', | 869 docroot_group => 'editors', |
870 letsencrypt_name => 'bdstrike.co.uk', | 870 letsencrypt_name => 'bdstrike.co.uk', |
871 custom_fragment => template("privat/apache/bdstrike.fragment"), | 871 custom_fragment => template("privat/apache/bdstrike.fragment"), |
872 csp_override => { | 872 csp_override => { |
873 "report-uri" => "https://ibboard.report-uri.com/r/d/csp/enforce", | 873 "report-uri" => "https://ibboard.report-uri.com/r/d/csp/enforce", |
874 "font-src" => "'self' https://fonts.gstatic.com/ data:", | 874 "font-src" => "'self' https://fonts.gstatic.com/ https://s0.wp.com/i/fonts/inter/ data:", |
875 "img-src" => "'self' https://secure.gravatar.com/ https://ps.w.org/ https://s.w.org/ data:", | 875 "img-src" => "'self' https://secure.gravatar.com/ https://ps.w.org/ https://s.w.org/ data:", |
876 "style-src" => "'self' https://fonts.googleapis.com/ 'unsafe-inline'", | 876 "style-src" => "'self' https://fonts.googleapis.com/ 'unsafe-inline'", |
877 "connect-src" => "'self' https://www.sandbox.paypal.com/ https://www.paypal.com/", | 877 "connect-src" => "'self' https://www.sandbox.paypal.com/ https://www.paypal.com/", |
878 "frame-ancestors" => "'self'" | 878 "frame-ancestors" => "'self'" |
879 }, | 879 }, |
880 csp_report_override => { | 880 csp_report_override => { |
881 "report-uri" => "https://ibboard.report-uri.com/r/d/csp/reportOnly", | 881 "report-uri" => "https://ibboard.report-uri.com/r/d/csp/reportOnly", |
882 "font-src" => "'self' https://fonts.gstatic.com/ data:", # TODO: What's generating it? | 882 "font-src" => "'self' https://fonts.gstatic.com/ https://s0.wp.com/i/fonts/inter/ data:", # TODO: What's generating it? |
883 "img-src" => "'self' https://secure.gravatar.com/ data:", | 883 "img-src" => "'self' https://secure.gravatar.com/ data:", |
884 "style-src" => "'self' https://fonts.googleapis.com/ 'nonce-%{CSP_NONCE}e' 'unsafe-hashes' 'sha256-anQSeQoEnQnBulZOQkDOFf+e6xBIGmqh7M8YFT992co=' 'sha256-zJDyuABAg68wtWDFyIh+RRe+6Vm/r+BLwaNRCGNVyXI=' 'sha256-qMalr/MPLUDW4lX/rq/cGp1Eu/H0cu0Yg98pdu69Jxs=' 'sha256-mshqJ+hidJMRDeNLHknuDAeYLOPg2OTIIA3nZmHgi9U=' 'sha256-YnRUd/QjP/NuFgfjMHhNfMCqXh0RQIGdvQfMCOf6qkw=' 'sha256-EwdiFJgqhefinoeAymrWxOYW4kza2Ekos5MY0PlXYI0=' 'sha256-G4K9vh8e+37+l69S+lHTyX3CfcK95mQUgyxYPCb7uME=' 'sha256-t6oewASd7J1vBg5mQtX4hl8bg8FeegYFM3scKLIhYUc=' 'sha256-mAQYxa3mIYqoLBrm1zLu6sLajr8vUHVFLYNpl6dAakM=' 'sha256-A8foknjCsFBi1PlRehOrHq0pVySigUurqAUgZ2y2U8c=' 'sha256-biLFinpqYMtWHmXfkA1BPeCY0/fNt46SAZ+BBk5YUog=' 'sha256-WzSByVQ8yW/DKrr77TWVt7WEMzueRcfJZImOkjTBKmc=' 'sha256-efof3agGBAL/yN8TplyNbLEgDZ3wIGMK3UMYbe8slkA='", | 884 "style-src" => "'self' https://fonts.googleapis.com/ https://ajax.googleapis.com/ajax/libs/jqueryui/ 'nonce-%{CSP_NONCE}e' 'unsafe-hashes' 'sha256-anQSeQoEnQnBulZOQkDOFf+e6xBIGmqh7M8YFT992co=' 'sha256-zJDyuABAg68wtWDFyIh+RRe+6Vm/r+BLwaNRCGNVyXI=' 'sha256-qMalr/MPLUDW4lX/rq/cGp1Eu/H0cu0Yg98pdu69Jxs=' 'sha256-mshqJ+hidJMRDeNLHknuDAeYLOPg2OTIIA3nZmHgi9U=' 'sha256-YnRUd/QjP/NuFgfjMHhNfMCqXh0RQIGdvQfMCOf6qkw=' 'sha256-EwdiFJgqhefinoeAymrWxOYW4kza2Ekos5MY0PlXYI0=' 'sha256-G4K9vh8e+37+l69S+lHTyX3CfcK95mQUgyxYPCb7uME=' 'sha256-t6oewASd7J1vBg5mQtX4hl8bg8FeegYFM3scKLIhYUc=' 'sha256-mAQYxa3mIYqoLBrm1zLu6sLajr8vUHVFLYNpl6dAakM=' 'sha256-A8foknjCsFBi1PlRehOrHq0pVySigUurqAUgZ2y2U8c=' 'sha256-biLFinpqYMtWHmXfkA1BPeCY0/fNt46SAZ+BBk5YUog=' 'sha256-WzSByVQ8yW/DKrr77TWVt7WEMzueRcfJZImOkjTBKmc=' 'sha256-efof3agGBAL/yN8TplyNbLEgDZ3wIGMK3UMYbe8slkA='", |
885 "script-src" => "'self' 'nonce-%{CSP_NONCE}e' 'sha256-hPnbct+H2uwUiwoh3kect6TJt4waDlLPfj47TO58lXc=' 'sha256-80Mr5Xc2f6hVSJwvFRRcNjAI9RMcnuTVAIzr6pIQswI=' 'sha256-zwGmIUR+Z6gWKbwoJ2Z3yGxI/XLETLqDqCRIV0qt/WA='", | |
885 "connect-src" => "'self' https://www.sandbox.paypal.com/ https://www.paypal.com/", | 886 "connect-src" => "'self' https://www.sandbox.paypal.com/ https://www.paypal.com/", |
886 }, | 887 }, |
887 } | 888 } |
888 | 889 |
889 cron { 'wordpress_cron': | 890 cron { 'wordpress_cron': |