Skip to content

Commit

Permalink
[APP-4348] add blob to img-src to fix CSP issue encountered by a cust…
Browse files Browse the repository at this point in the history 
…omer (#118)
  • Loading branch information
@dagadbm
dagadbm authored Nov 11, 2024
1 parent f25f1e2 commit 9b9a9e2
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion charts/datafold/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: datafold
description: Helm chart package to deploy Datafold on kubernetes.
type: application
version: 0.6.46
version: 0.6.47
appVersion: "1.0.0"
icon: https://www.datafold.com/logo.png

Expand Down
2 changes: 1 addition & 1 deletion charts/datafold/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ config:
alertsWithMultiDimAndMultiField: ""
enableGraphInvariantsChecks: "false"
lineageTestingDb: ""
contentSecurityPolicy: "default-src 'self'; connect-src 'self' *.getbeamer.com *.usepylon.com *.posthog.com *.pusher.com raw.githubusercontent.com api.perfalytics.com perfalytics.com api.avo.app track.customer.io www.google-analytics.com browser-http-intake.logs.datadoghq.com browser-intake-datadoghq.com *.browser-intake-datadoghq.com forms.hubspot.com wss://*.hotjar.com *.hotjar.io *.analytics.google.com *.g.doubleclick.net api.amplitude.com; style-src 'self' 'unsafe-inline' *.getbeamer.com fonts.googleapis.com *.usepylon.com *.posthog.com *.pusher.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.getbeamer.com *.usepylon.com *.posthog.com *.pusher.com perfalytics.com assets.customer.io *.hs-scripts.com js.hs-scripts.com js.hs-banner.com js.hscollectedforms.net www.google-analytics.com js.hs-analytics.net https://www.google-analytics.com *.googletagmanager.com *.hotjar.com cdn.jsdelivr.net cdn.amplitude.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com *.getbeamer.com *.usepylon.com *.posthog.com *.pusher.com; img-src 'self' http: https: data:; object-src 'none'; frame-ancestors 'none'; worker-src 'self' blob:; frame-src 'self' *.getbeamer.com calendly.com;"
contentSecurityPolicy: "default-src 'self'; connect-src 'self' *.getbeamer.com *.usepylon.com *.posthog.com *.pusher.com raw.githubusercontent.com api.perfalytics.com perfalytics.com api.avo.app track.customer.io www.google-analytics.com browser-http-intake.logs.datadoghq.com browser-intake-datadoghq.com *.browser-intake-datadoghq.com forms.hubspot.com wss://*.hotjar.com *.hotjar.io *.analytics.google.com *.g.doubleclick.net api.amplitude.com; style-src 'self' 'unsafe-inline' *.getbeamer.com fonts.googleapis.com *.usepylon.com *.posthog.com *.pusher.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.getbeamer.com *.usepylon.com *.posthog.com *.pusher.com perfalytics.com assets.customer.io *.hs-scripts.com js.hs-scripts.com js.hs-banner.com js.hscollectedforms.net www.google-analytics.com js.hs-analytics.net https://www.google-analytics.com *.googletagmanager.com *.hotjar.com cdn.jsdelivr.net cdn.amplitude.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com *.getbeamer.com *.usepylon.com *.posthog.com *.pusher.com; img-src 'self' http: https: data: blob:; object-src 'none'; frame-ancestors 'none'; worker-src 'self' blob:; frame-src 'self' *.getbeamer.com calendly.com;"
customerAdaptation: ""
customVars: []

Expand Down

0 comments on commit 9b9a9e2

Please sign in to comment.