Maj nextcloud + fix cors

2022-09-13 19:50:02 +02:00
parent 7d8bb7ae4e
commit ace9ab6887
2 changed files with 8 additions and 5 deletions
--- a/traefik/traefik_dynamic.toml
+++ b/traefik/traefik_dynamic.toml
@@ -18,7 +18,7 @@
    frameDeny = true
    stsIncludeSubdomains = true
    stsPreload = true
-    customFrameOptionsValue = "SAMEORIGIN"
+    customFrameOptionsValue = "ALLOW-FROM https://code.oasis21.org https://cloud.oasis21.org"
    referrerPolicy = "same-origin"
    permissionsPolicy = "vibrate='self'"
    stsSeconds = 315360000
@@ -27,7 +27,8 @@
    excludedContentTypes = ["text/event-stream"]

  [http.middlewares.allowFrameAndCORS.headers]
-    contentSecurityPolicy = "frame-ancestors *"
+    customFrameOptionsValue = "ALLOW-FROM https://code.oasis21.org"
+    contentSecurityPolicy = "frame-ancestors * cloud.oasis21.org"
    accessControlAllowHeaders = ["*"]
    accessControlAllowMethods = ["GET", "POST", "OPTIONS"]
    accessControlAllowOriginList = ["*"]