Optimized Wordpress conf and solved snipe-it CSP bug

2025-10-31 10:19:09 +00:00 · 2025-06-05 00:06:43 +02:00
parent 24cd75ac26
commit 5077f5f6ad
2 changed files with 5 additions and 13 deletions
--- a/roles/docker-snipe-it/vars/configuration.yml
+++ b/roles/docker-snipe-it/vars/configuration.yml
@@ -9,10 +9,13 @@ domains:
    - "inventory.{{ primary_domain }}"
 csp:
  flags:
+    script-src:
+      unsafe-inline:  true
+      unsafe-eval:    true
    script-src-elem:
-      unsafe-inline: true
+      unsafe-inline:  true
    style-src:
-      unsafe-inline: true
+      unsafe-inline:  true
  whitelist:
    font-src:
      - "data:"
--- a/roles/docker-wordpress/vars/configuration.yml
+++ b/roles/docker-wordpress/vars/configuration.yml
@@ -38,17 +38,6 @@ csp:
    frame-src:
      - "blob:"
      - "*.{{ primary_domain }}"
-    #frame-src: >-
-    #  {{
-    #    ['*.{}'.format(primary_domain)]
-    #    +
-    #    (
-    #      applications.wordpress.domains.canonical
-    #      | default([])
-    #      | map('regex_replace', '^(.*)$', 'blob:\g<1>')
-    #      | list
-    #    )
-    #  }}
 domains:
  canonical:
    - "blog.{{ primary_domain }}"