From d186c79b3e7944e87b696831fad3863f6e753d06 Mon Sep 17 00:00:00 2001
From: Makhtar DIAGNE <makhtar.diagne@teamdlab.com>
Date: Tue, 26 May 2020 18:55:18 +0200
Subject: [PATCH] [TECH] Update nginx conf in order to view objects

---
 deployment/roles/reverse/templates/nginx/nginx.conf.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/deployment/roles/reverse/templates/nginx/nginx.conf.j2 b/deployment/roles/reverse/templates/nginx/nginx.conf.j2
index 3b61f19e..ef5474f3 100644
--- a/deployment/roles/reverse/templates/nginx/nginx.conf.j2
+++ b/deployment/roles/reverse/templates/nginx/nginx.conf.j2
@@ -44,7 +44,7 @@ http {
     #hide server tokens
     server_tokens off;
 
-    add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' https: maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com; frame-src 'self'; object-src 'self'";
+    add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' https: maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com; frame-src 'self' blob: ; object-src 'self' data: blob: ; upgrade-insecure-requests";
 
     include             /etc/nginx/mime.types;
     default_type        application/octet-stream;
-- 
GitLab