Fix content security policy

2026-01-17 20:51:21 -03:30 · 2023-05-11 10:42:23 -04:00 · 2023-05-11 10:42:23 -04:00 · 66c3acf777
commit 66c3acf777
parent ed1983bd8c
2 changed files with 2 additions and 2 deletions
--- a/awx/ui/public/index.html
+++ b/awx/ui/public/index.html
@ -24,7 +24,7 @@
      </script>
      <meta
        http-equiv="Content-Security-Policy"
-        content="default-src 'self'; connect-src 'self' ws: wss:; style-src 'selfunsafe-inline'; script-src 'selfnonce-{{ csp_nonce }}' *.pendo.io; img-src 'self' *.pendo.io data:; worker-src 'self' blob: ;"
+        content="default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'nonce-{{ csp_nonce }}' *.pendo.io; img-src 'self' *.pendo.io data:; worker-src 'self' blob: ;"
      />
      <link rel="shortcut icon" href="{% static 'media/favicon.ico' %}" />
    <% } else { %>
--- a/awx/ui/public/installing.html
+++ b/awx/ui/public/installing.html
@ -5,7 +5,7 @@
      <title data-cy="migration-title">{{ title }}</title>
      <meta
         http-equiv="Content-Security-Policy"
-         content="default-src 'self'; connect-src 'self' ws: wss:; style-src 'selfunsafe-inline'; script-src 'selfnonce-{{ csp_nonce }}' *.pendo.io; img-src 'self' *.pendo.io data:;"
+         content="default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'nonce-{{ csp_nonce }}' *.pendo.io; img-src 'self' *.pendo.io data:;"
         />
      <meta charset="utf-8">
      <meta http-equiv="X-UA-Compatible" content="IE=edge" />