Commit - ipsilon - 47dd9c5432da760e3b780a50ae339ae385b16b7c

ipsilon

`47dd9c5` Add configuration for the `frame-ancestors` value of CSP

Authored and Committed by abompard 3 months ago

raw patch tree parent

4 files changed. 13 lines added. 4 lines removed.

examples/ipsilon.conf

file modified

+1 -0

ipsilon/util/endpoint.py

file modified

+3 -4

man/ipsilon.conf.5.in

    Add configuration for the `frame-ancestors` value of CSP
    
    Add a configuration option to set the domains allowed to display Ipsilon
    in a frame / iframe / embed using Content Security Policy.
    
    Also, `X-Frame-Options` is deprecated and replaced by Content Security
    Policy, remove it.
    
    Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2235532
    
    Signed-off-by: Aurélien Bompard <aurelien@bompard.org>

examples/ipsilon.conf

file modified

+1 -0

ipsilon/util/endpoint.py

file modified

+3 -4

man/ipsilon.conf.5.in

file modified

+3 -0

tests/test1.py

file modified

+6 -0

ipsilon

Source Code

47dd9c5 Add configuration for the `frame-ancestors` value of CSP

Authored and Committed by abompard 3 months ago

`47dd9c5` Add configuration for the `frame-ancestors` value of CSP