We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
With the Web Embed mode, we actually need to set the Content-Security-Policy header.
Similar to the oCIS CORS options there is a Content-Security-Policy option.
Leverage a reverse proxy that configures the Content-Security-Policy option.
That will be most of the time not be granular but a general rule like eg in nginx
more_set_headers "Content-Security-Policy: frame-ancestors 'self' https://foo.bar;";
The text was updated successfully, but these errors were encountered:
see:
Sorry, something went wrong.
Probably already implemented, need to reevaluate
No branches or pull requests
Is your feature request related to a problem? Please describe.
With the Web Embed mode, we actually need to set the Content-Security-Policy header.
Describe the solution you'd like
Similar to the oCIS CORS options there is a Content-Security-Policy option.
Describe alternatives you've considered
Leverage a reverse proxy that configures the Content-Security-Policy option.
That will be most of the time not be granular but a general rule like eg in nginx
more_set_headers "Content-Security-Policy: frame-ancestors 'self' https://foo.bar;";
Additional context
The text was updated successfully, but these errors were encountered: