Hello, dear all,
I need to customize captive portal page and include some script from other
web-site. I see that CSP security policy is set in file captiveportal.pm,
and it blocks that script.
I have added script source site in the CSP policy part of captiveportal.pm
file, but don't see it applied - previouse version is still used. I suspect,
that there is need to do some proceeding to update used policy. How can I
do this?
This is part of captiveportal.pm file I want to add source for my script (my
addition is marked by yellow):
=head2 csp_server_headers
Return CSP (Content-Security-Policy) headers
=cut
sub csp_server_headers {
my ($c) = @_;
my $captive_portal_network_detection_ip =
$Config{'captive_portal'}{'network_detection_ip'};
$c->response->header('Content-Security-Policy' => "default-src 'none';
script-src 'self' https://mydomain.com https://js.stripe.com
https://jstest.authorize.net https://js.authorize.net; connect-src 'self';
img-src 'self' http://$captive_portal_network_detection_ip/; style-src
'self'; font-src 'self';");
}
>From Chrome console I see that old policy without my edition is applied.
Any ideas what I need to do to get update policy applied? Fors ome other
setting there was admin GUI rebuilding proceeding required, but it doesn't
help in this case.
Thanks in advance,
Eizens
_______________________________________________
PacketFence-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
