Interanet/jitsi-meet-deployment
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(web): Add CSP header

Browse Source
This commit is contained in:
emrah
2026-01-15 19:34:19 +03:00
committed by Saúl Ibarra Corretgé
parent e9af879e62
commit 4509144221
2 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docker-compose.yml
View File

@@ -32,6 +32,7 @@ services:
- COLIBRI_WEBSOCKET_REGEX - COLIBRI_WEBSOCKET_REGEX
- CONFCODE_URL - CONFCODE_URL
- CORS_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN - CORS_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN
- CSP_HEADER
- DEFAULT_LANGUAGE - DEFAULT_LANGUAGE
- DEPLOYMENTINFO_ENVIRONMENT - DEPLOYMENTINFO_ENVIRONMENT
- DEPLOYMENTINFO_ENVIRONMENT_TYPE - DEPLOYMENTINFO_ENVIRONMENT_TYPE

3
web/rootfs/defaults/meet.conf
View File

@@ -28,6 +28,9 @@ error_page 404 /static/404.html;
# Security headers # Security headers
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block"; add_header X-XSS-Protection "1; mode=block";
{{ if .Env.CSP_HEADER }}
add_header Content-Security-Policy "{{ .Env.CSP_HEADER }}" always;
{{ end }}
set $prefix ""; set $prefix "";