From 0899720f168c09d037e577109d7cab665fe1fb91 Mon Sep 17 00:00:00 2001 From: vasraz Date: Tue, 4 Oct 2022 18:16:26 +0100 Subject: Fix bug 'X-Frame-Options not configured: Lack of clickjacking protection' Add new Filter (ContentSecurityPolicyHeaderFilter) Signed-off-by: Vasyl Razinkov Change-Id: Ic8151df64e4b95b3d59b44a5f74dd12210f55e87 Issue-ID: SDC-4192 --- .../cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb | 1 + .../sdc-catalog-fe/templates/default/FE-configuration.yaml.erb | 3 +++ 2 files changed, 4 insertions(+) (limited to 'catalog-fe/sdc-frontend') diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb index 819638ac08..73176ed1c3 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb @@ -13,6 +13,7 @@ template "catalog-fe-config" do :basic_auth_flag => node['basic_auth']['enabled'], :user_name => node['basic_auth'][:user_name], :user_pass => node['basic_auth'][:user_pass], + :permittedAncestors => "#{ENV['permittedAncestors']}", :dcae_fe_vip => node['DCAE_FE_VIP'] }) end diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb index 8dc3c51df3..1b10845aaa 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb @@ -124,3 +124,6 @@ healthStatusExclude: - PORTAL - CATALOG_FACADE_MS - External API + +#Space separated list of permitted ancestors +permittedAncestors: <%= @permittedAncestors %> -- cgit 1.2.3-korg