changeset 460:ce488cfb225a

Fix CSP headers for WordPress admin panel
author IBBoard <dev@ibboard.co.uk>
date Sun, 10 Sep 2023 09:48:49 +0100
parents d7af40e44502
children 5c97adb07a0a
files manifests/templates.pp
diffstat 1 files changed, 4 insertions(+), 3 deletions(-) [+]
--- a/manifests/templates.pp	Sat Sep 02 20:03:11 2023 +0100
+++ b/manifests/templates.pp	Sun Sep 10 09:48:49 2023 +0100
@@ -871,7 +871,7 @@
 		custom_fragment => template("privat/apache/bdstrike.fragment"),
 		csp_override => {
 			"report-uri" => "https://ibboard.report-uri.com/r/d/csp/enforce",
-			"font-src" => "'self' https://fonts.gstatic.com/ data:",
+			"font-src" => "'self' https://fonts.gstatic.com/ https://s0.wp.com/i/fonts/inter/ data:",
 			"img-src" => "'self' https://secure.gravatar.com/ https://ps.w.org/ https://s.w.org/ data:",
 			"style-src" => "'self' https://fonts.googleapis.com/ 'unsafe-inline'",
 			"connect-src" => "'self' https://www.sandbox.paypal.com/ https://www.paypal.com/",
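Review bot: The new `https://s0.wp.com/i/fonts/inter/` entry in `font-src` goes into the enforced `csp_override` for the whole resource, while the commit message says it is only needed for the WordPress admin panel; nothing visible in this hunk limits it to the admin paths. If the template cannot vary the policy by path, a short comment on the line would record why the origin is allowed and make later pruning safer, e.g. `# s0.wp.com Inter font: requested by the WordPress admin panel`. The same entry is added to `csp_report_override` in the second hunk, where the existing `# TODO: What's generating it?` still sits on the line. The resource block starts and ends outside this hunk.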
@@ -879,9 +879,10 @@
 		},
 		csp_report_override => {
 			"report-uri" => "https://ibboard.report-uri.com/r/d/csp/reportOnly",
-			"font-src" => "'self' https://fonts.gstatic.com/ data:", # TODO: What's generating it?
+			"font-src" => "'self' https://fonts.gstatic.com/ https://s0.wp.com/i/fonts/inter/ data:", # TODO: What's generating it?
 			"img-src" => "'self' https://secure.gravatar.com/ data:",
-			"style-src" => "'self' https://fonts.googleapis.com/ 'nonce-%{CSP_NONCE}e' 'unsafe-hashes' 'sha256-anQSeQoEnQnBulZOQkDOFf+e6xBIGmqh7M8YFT992co=' 'sha256-zJDyuABAg68wtWDFyIh+RRe+6Vm/r+BLwaNRCGNVyXI=' 'sha256-qMalr/MPLUDW4lX/rq/cGp1Eu/H0cu0Yg98pdu69Jxs=' 'sha256-mshqJ+hidJMRDeNLHknuDAeYLOPg2OTIIA3nZmHgi9U=' 'sha256-YnRUd/QjP/NuFgfjMHhNfMCqXh0RQIGdvQfMCOf6qkw=' 'sha256-EwdiFJgqhefinoeAymrWxOYW4kza2Ekos5MY0PlXYI0=' 'sha256-G4K9vh8e+37+l69S+lHTyX3CfcK95mQUgyxYPCb7uME=' 'sha256-t6oewASd7J1vBg5mQtX4hl8bg8FeegYFM3scKLIhYUc=' 'sha256-mAQYxa3mIYqoLBrm1zLu6sLajr8vUHVFLYNpl6dAakM=' 'sha256-A8foknjCsFBi1PlRehOrHq0pVySigUurqAUgZ2y2U8c=' 'sha256-biLFinpqYMtWHmXfkA1BPeCY0/fNt46SAZ+BBk5YUog=' 'sha256-WzSByVQ8yW/DKrr77TWVt7WEMzueRcfJZImOkjTBKmc=' 'sha256-efof3agGBAL/yN8TplyNbLEgDZ3wIGMK3UMYbe8slkA='",
+			"style-src" => "'self' https://fonts.googleapis.com/ https://ajax.googleapis.com/ajax/libs/jqueryui/ 'nonce-%{CSP_NONCE}e' 'unsafe-hashes' 'sha256-anQSeQoEnQnBulZOQkDOFf+e6xBIGmqh7M8YFT992co=' 'sha256-zJDyuABAg68wtWDFyIh+RRe+6Vm/r+BLwaNRCGNVyXI=' 'sha256-qMalr/MPLUDW4lX/rq/cGp1Eu/H0cu0Yg98pdu69Jxs=' 'sha256-mshqJ+hidJMRDeNLHknuDAeYLOPg2OTIIA3nZmHgi9U=' 'sha256-YnRUd/QjP/NuFgfjMHhNfMCqXh0RQIGdvQfMCOf6qkw=' 'sha256-EwdiFJgqhefinoeAymrWxOYW4kza2Ekos5MY0PlXYI0=' 'sha256-G4K9vh8e+37+l69S+lHTyX3CfcK95mQUgyxYPCb7uME=' 'sha256-t6oewASd7J1vBg5mQtX4hl8bg8FeegYFM3scKLIhYUc=' 'sha256-mAQYxa3mIYqoLBrm1zLu6sLajr8vUHVFLYNpl6dAakM=' 'sha256-A8foknjCsFBi1PlRehOrHq0pVySigUurqAUgZ2y2U8c=' 'sha256-biLFinpqYMtWHmXfkA1BPeCY0/fNt46SAZ+BBk5YUog=' 'sha256-WzSByVQ8yW/DKrr77TWVt7WEMzueRcfJZImOkjTBKmc=' 'sha256-efof3agGBAL/yN8TplyNbLEgDZ3wIGMK3UMYbe8slkA='",
+			"script-src" => "'self' 'nonce-%{CSP_NONCE}e' 'sha256-hPnbct+H2uwUiwoh3kect6TJt4waDlLPfj47TO58lXc=' 'sha256-80Mr5Xc2f6hVSJwvFRRcNjAI9RMcnuTVAIzr6pIQswI=' 'sha256-zwGmIUR+Z6gWKbwoJ2Z3yGxI/XLETLqDqCRIV0qt/WA='",
 			"connect-src" => "'self' https://www.sandbox.paypal.com/ https://www.paypal.com/",
 		},
 	}
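Review bot: The three `sha256-…` values in the new `script-src` line are unlabelled, so nothing records which inline script each one allows or which WordPress or plugin version it was taken from. A hash stops matching as soon as the inline code changes, and an unlabelled list tends only to grow; a comment above the line such as `# script-src hashes: <script or plugin per hash>, captured on <WordPress version>` would let stale entries be identified and removed. The directive is added only to `csp_report_override`, so it reports without blocking, and whether the enforced policy sets `script-src` at all is not visible in these hunks. The `https://ajax.googleapis.com/ajax/libs/jqueryui/` source added to `style-src` is narrower than a bare host, but browsers ignore the path part of a source expression after a redirect, so it should not be treated as a strict limit.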