diff --git a/CHANGELOG.md b/CHANGELOG.md index 21c74be4008..c4946650f03 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ Add any new changes to the top(right below this line). - Role: nginx - Add the possibility to add the header `Content-Security-Policy frame-ancestors`. This is configured by the - EDXAPP_LMS_IFRAME_ENABLED switcher and EDXAPP_LMS_FRAME-ANCESTORS value. + EDXAPP_LMS_IFRAME_ENABLED switcher and EDXAPP_LMS_FRAME_ANCESTORS value. - Role: edxapp BREAKING_CHANGE - The sandbox environment that runs instructor written python code used to run python 2.7. We update the default to diff --git a/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/lms.j2 b/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/lms.j2 index cb5fe33d3de..7c4d9b59f8b 100644 --- a/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/lms.j2 +++ b/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/lms.j2 @@ -123,7 +123,7 @@ error_page {{ k }} {{ v }}; {% if EDXAPP_LMS_IFRAME_ENABLED %} # Allow iFrame for the provided hosts - add_header Content-Security-Policy "frame-ancestors 'self' {{ EDXAPP_LMS_FRAME-ANCESTORS }}"; + add_header Content-Security-Policy "frame-ancestors 'self' {{ EDXAPP_LMS_FRAME_ANCESTORS }}"; {% endif %} # Prevent invalid display courseware in IE 10+ with high privacy settings