fix(crisp): csp for crisp iframe help

This commit is contained in:
Colin Darie 2024-10-15 16:23:23 +02:00
parent 097074fdc7
commit e552a5cbf5
No known key found for this signature in database
GPG key ID: 4FB865FDBCA4BCC4

View file

@ -40,6 +40,7 @@ Rails.application.config.content_security_policy do |policy|
frame_whitelist << URI(MATOMO_IFRAME_URL).host if Rails.application.secrets.matomo[:enabled] frame_whitelist << URI(MATOMO_IFRAME_URL).host if Rails.application.secrets.matomo[:enabled]
# allow pdf iframes in the PJ gallery # allow pdf iframes in the PJ gallery
frame_whitelist << URI(DS_PROXY_URL).host if DS_PROXY_URL.present? frame_whitelist << URI(DS_PROXY_URL).host if DS_PROXY_URL.present?
frame_whitelist << "*.crisp.help" if Rails.application.secrets.crisp[:enabled]
policy.frame_src(:self, *frame_whitelist) policy.frame_src(:self, *frame_whitelist)
# Everything else: allow us # Everything else: allow us