Optimized CSP policies

2025-05-18 18:50:32 +02:00 · 2025-05-15 15:11:55 +02:00 · 2025-05-15 15:11:55 +02:00 · fd698e9cc6
commit fd698e9cc6
parent be0da93c9c
2 changed files with 9 additions and 4 deletions
--- a/roles/docker-matrix-compose/vars/configuration.yml
+++ b/roles/docker-matrix-compose/vars/configuration.yml
@ -20,12 +20,13 @@ csp:
  flags:
    script-src:
      unsafe-inline: true
      unsafe-eval:   true
    style-src:
      unsafe-inline: true
  whitelist:
    connect-src:
-      - "{{ domains.element }}"
+      - "{{ primary_domain }}"
      - "{{ domains.synapse }}"
    script-src:
      - "{{ domains.element }}"
      - "{{ domains.synapse }}"
      - "https://cdn.jsdelivr.net"
--- a/roles/docker-wordpress/vars/configuration.yml
+++ b/roles/docker-wordpress/vars/configuration.yml
@ -30,4 +30,8 @@ csp:
      - "data:"
    script-src:
      - "https://cdn.gtranslate.net"
-      - "{{ domains.wordpress }}"
+      - "{{ domains.wordpress[0] }}"
    frame-src:
      - "{{ domains.peertube }}"
    style-src:
      - "https://fonts.bunny.net"