2025-06-25 11:45:32 +02:00
3 changed files with 6 additions and 18 deletions
--- a/filter_plugins/csp_filters.py
+++ b/filter_plugins/csp_filters.py
@ -91,7 +91,6 @@ class FilterModule(object):
                'frame-ancestors',
                'frame-src',
                'script-src',
                'script-src-elem',
                'style-src',
                'font-src',
                'worker-src',
@ -116,11 +115,11 @@ class FilterModule(object):
                        tokens.append(f"{web_protocol}://{matomo_domain}")
                # ReCaptcha integration: allow loading scripts from Google if feature enabled
-                if self.is_feature_enabled(applications, 'recaptcha', application_id):
+                if (
-                    if directive == 'script-src':
+                    self.is_feature_enabled(applications, 'recaptcha', application_id)
-                        tokens.append('https://www.google.com')
+                    and directive == 'script-src'
-                    if directive == 'script-src-elem':
+                ):
-                        tokens.append('https://www.gstatic.com')
+                    tokens.append('https://www.google.com')
                # Enable loading via ancestors
                if (
--- a/roles/docker-bigbluebutton/tasks/main.yml
+++ b/roles/docker-bigbluebutton/tasks/main.yml
@ -3,11 +3,6 @@
 - name: "include docker-compose role"
  include_role: 
    name: docker-compose
  vars:
    database_instance:  "{{ application_id }}"
    database_password:  "{{ applications[application_id].credentials.postgresql_secret }}"
    database_username:  "postgres"
    database_name:      ""                              # Multiple databases
 - name:                 "Seed BigBlueButton Database for Backup"
  include_tasks:        "{{ playbook_dir }}/roles/backup-docker-to-local/tasks/seed-database-to-backup.yml"
--- a/roles/docker-bigbluebutton/vars/configuration.yml
+++ b/roles/docker-bigbluebutton/vars/configuration.yml
@ -14,10 +14,4 @@ features:
  central_database:   false
 domains:
  canonical:
-    - "meet.{{ primary_domain }}"
+    - "meet.{{ primary_domain }}"
 csp:  
  flags:
    script-src:
      unsafe-inline:  true
    style-src:
      unsafe-inline:  true