jwy
/
aeon_dashboard_back
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

img-src 'self' data: https://*.amazonaws.com;

master
review512jwy@163.com 5 days ago
parent
e205323db1
commit
80559dffd1
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      dongjian-dashboard-back-controller/src/main/java/com/dongjian/dashboard/back/configurator/CrosXssFilter.java

2
dongjian-dashboard-back-controller/src/main/java/com/dongjian/dashboard/back/configurator/CrosXssFilter.java
View File

@ -79,7 +79,7 @@ public class CrosXssFilter implements Filter {
String nonce = UUID.randomUUID().toString().replace("-", "").substring(0, 16); // 生成随机 nonce
httpServletResponse.setHeader("Content-Security-Policy",
"default-src 'self'; " +
"img-src 'self' data:; "+
"img-src 'self' data: https://*.amazonaws.com;"+
"font-src 'self' https://i.alicdn.com data:; "+ //阿里系的ui组件
// "script-src 'self' 'nonce-" + nonce + "'; " + //nonce针对内联 JavaScript
// "style-src 'self' 'nonce-" + nonce + "'; " + //nonce针对内联 CSS

Write Preview
Loading…
Cancel
Save