FIX(zot): add Traefik middleware to fix CSP header for UI
- Add blob: to script-src directive - Add unsafe-eval for UI functionality - Fix Content Security Policy for proper UI rendering
This commit is contained in:
@@ -56,11 +56,20 @@ service:
|
|||||||
http:
|
http:
|
||||||
port: 5000
|
port: 5000
|
||||||
|
|
||||||
|
rawResources:
|
||||||
|
csp-fix:
|
||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: Middleware
|
||||||
|
spec:
|
||||||
|
headers:
|
||||||
|
contentSecurityPolicy: "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self'; img-src 'self' data:; manifest-src 'self'; base-uri 'self'"
|
||||||
|
|
||||||
ingress:
|
ingress:
|
||||||
zot:
|
zot:
|
||||||
className: traefik
|
className: traefik
|
||||||
annotations:
|
annotations:
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||||
|
traefik.ingress.kubernetes.io/router.middlewares: zot-csp-fix@kubernetescrd
|
||||||
hosts:
|
hosts:
|
||||||
- host: zot0213.kro.kr
|
- host: zot0213.kro.kr
|
||||||
paths:
|
paths:
|
||||||
|
|||||||
Reference in New Issue
Block a user