Dynamic parts of CSP #344
Unanswered
kwesterfeld2
asked this question in
Q&A
Dynamic parts of CSP
#344
Replies: 2 comments 1 reply
-
|
You can set defineNuxtConfig({
security: {
headers: {
contentSecurityPolicy: {
"connect-src": [...],
"frame-src": [...],
}
}
}
}) |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Yes I'm doing this during build. What I want to do is do this at runtime, augmenting these two values with configuration set after deployment. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
Hey I think that this will be added with this PR #298 (comment) |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Is it possible to alter the configuration of my application to add to two parts of the CSP generated for each page?
I want to be able to add to the
connect-srcandframe-srcportions of the CSP served by my app.I am planning on using nitro for some of the API endpoints I have to build, but not too familiar with how a request/response can be filtered. I would think I can get/set headers during the request pipeline but this seems messy.
Beta Was this translation helpful? Give feedback.
All reactions