From 8321aa7f5b5456a14afaf25ad6f08f6b48f6a9d7 Mon Sep 17 00:00:00 2001
From: Chris Hines <chris.hines@monash.edu>
Date: Tue, 1 Dec 2020 12:06:14 +1100
Subject: [PATCH] alter the content-security-policy to see if I Can have
 backends on a different domain

---
 nginx_snippets/sv2.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nginx_snippets/sv2.conf b/nginx_snippets/sv2.conf
index db79cb8..9add262 100644
--- a/nginx_snippets/sv2.conf
+++ b/nginx_snippets/sv2.conf
@@ -2,7 +2,7 @@ location ~ /.* {
         root /opt/strudel2/spa/sv2/;
         #alias /var/www/sv2/dist/sv2/;
         try_files $uri$args $uri$args/ $uri/ /index.html;
-        add_header Content-Security-Policy "default-src 'self' *.cloud.cvl.org.au; style-src 'self' fonts.googleapis.com 'unsafe-inline'; font-src 'self' fonts.gstatic.com";
+        add_header Content-Security-Policy "default-src 'self' *.cloud.cvl.org.au *.desktop.massive.org.au; style-src 'self' fonts.googleapis.com 'unsafe-inline'; font-src 'self' fonts.gstatic.com";
         add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
     	add_header X-Frame-Options "SAMEORIGIN";
     	add_header X-XSS-Protection "1; mode=block";
-- 
GitLab