K3S-HOME/storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FIX(zot): add Traefik middleware to fix CSP header for UI

Browse Source 
- Add blob: to script-src directive
- Add unsafe-eval for UI functionality
- Fix Content Security Policy for proper UI rendering
This commit is contained in:
Mayne0213
2026-01-10 00:22:36 +09:00
parent 228b0c06c4
commit 06c35588e3
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
zot/helm-values.yaml
View File

@@ -56,11 +56,20 @@ service:
http:
port: 5000
rawResources:
csp-fix:
apiVersion: traefik.io/v1alpha1
kind: Middleware
spec:
headers:
contentSecurityPolicy: "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self'; img-src 'self' data:; manifest-src 'self'; base-uri 'self'"
ingress:
zot:
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/router.middlewares: zot-csp-fix@kubernetescrd
hosts:
- host: zot0213.kro.kr
paths: