synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: allow coder.com in CSP if telemetry is enabled (#13615)

Browse Source 
* fix: allow coder.com in CSP if telemetry is enabled

* Fix control couple lint
This commit is contained in:
Kyle Carberry
2024-06-20 15:05:22 -05:00
committed by GitHub
parent 0793a4b35b
commit 57b38e5bb8
3 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
coderd/coderd.go
View File

@ -1210,7 +1210,7 @@ func New(options *Options) *API {
// Add CSP headers to all static assets and pages. CSP headers only affect
// browsers, so these don't make sense on api routes.
cspMW := httpmw.CSPHeaders(func() []string {
cspMW := httpmw.CSPHeaders(options.Telemetry.Enabled(), func() []string {
if api.DeploymentValues.Dangerous.AllowAllCors {
// In this mode, allow all external requests
return []string{"*"}