From 0a2ddbb8873cf52e2a6458a5c8b9e5e655eee607 Mon Sep 17 00:00:00 2001
From: Enol Fernandez <enol.fernandez@egi.eu>
Date: Wed, 26 Feb 2025 14:53:22 +0000
Subject: [PATCH] Also add report-uri and default-src

---
 common/playbooks/k8s.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/playbooks/k8s.yaml b/common/playbooks/k8s.yaml
index f65da34..395faf1 100644
--- a/common/playbooks/k8s.yaml
+++ b/common/playbooks/k8s.yaml
@@ -362,7 +362,7 @@
           --set controller.addHeaders.X-Content-Type-Options=nosniff
           --set controller.addHeaders.Referrer-Policy=no-referrer
           --set controller.addHeaders.Permissions-Policy="geolocation=()"
-          --set controller.addHeaders.Content-Security-Policy="frame-ancestors 'none'"
+          --set controller.addHeaders.Content-Security-Policy="frame-ancestors 'none'; report-uri /hub/security/csp-report; default-src 'self'"
           --version={{ version }}
       shell: |-
         helm status --namespace kube-system cluster-ingress
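Review bot: The new `default-src 'self'` on the `controller.addHeaders.Content-Security-Policy` line is set at the ingress-controller level, so it is enforced for every backend served through this ingress, not only the hub. Any application that relies on inline scripts or styles, or on resources from another origin, would likely break once this is deployed. The relative `report-uri /hub/security/csp-report` also presumes each host behind the ingress exposes that path; where it does not, violation reports are lost silently. Consider keeping the enforced header as `frame-ancestors 'none'` and trialling the stricter policy first with `--set controller.addHeaders.Content-Security-Policy-Report-Only="default-src 'self'; report-uri /hub/security/csp-report"`, promoting it once the reports are clean. The helm command these flags belong to starts above the hunk, so how the surrounding YAML and shell quote the value could not be checked from here.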
-- 
GitLab