github
/
portainer
mirror of https://github.com/portainer/portainer
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(csp): add google.com to the CSP header BE-12228 (#1175)

pull/12074/merge
andres-portainer 2025-09-10 15:00:25 -03:00 committed by GitHub
parent 3ac0be4e35
commit a59815264d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/http/security/bouncer.go
View File

@ -534,7 +534,7 @@ func MWSecureHeaders(next http.Handler, hsts, csp bool) http.Handler {
}
if csp {
w.Header().Set("Content-Security-Policy", "script-src 'self' cdn.matomo.cloud js.hsforms.net; object-src 'none'; frame-ancestors 'none';")
w.Header().Set("Content-Security-Policy", "script-src 'self' cdn.matomo.cloud js.hsforms.net www.google.com; object-src 'none'; frame-ancestors 'none';")
}
w.Header().Set("X-Content-Type-Options", "nosniff")