From 123dd857d483367f760c834de0b68d693b57ea43 Mon Sep 17 00:00:00 2001 From: Greg Rushton Date: Wed, 25 Oct 2023 09:22:55 -0400 Subject: [PATCH] rm csp --- conf/conf.d/default.conf | 1 - 1 file changed, 1 deletion(-) diff --git a/conf/conf.d/default.conf b/conf/conf.d/default.conf index 0b06b0073..fe21d3e3c 100644 --- a/conf/conf.d/default.conf +++ b/conf/conf.d/default.conf @@ -12,7 +12,6 @@ server { server_tokens off; listen 8080; expires $expires; - add_header Content-Security-Policy "default-src 'self' accounts.google.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' apis.google.com *.google-analytics.com www.gstatic.com accounts.google.com; connect-src 'self' *.firecloud.org *.broadinstitute.org *.googleapis.com *.google-analytics.com profile-dot-broad-shibboleth-prod.appspot.com broadinstitute.zendesk.com; img-src 'self' data: *.google-analytics.com; style-src 'self' 'unsafe-inline' www.gstatic.com; base-uri 'self'; form-action 'self'; font-src 'self' fonts.gstatic.com; frame-ancestors 'self';"; error_page 400 401 403 404 /; location / { root /usr/share/nginx/html;