Open DerekRoberts opened 12 months ago
OpenShift deployments for TEST and PROD are getting stuck on CSP for inline scripts. Ideally we'd move anything inline to its own file and disable unsafe-inline in the Caddyfile. Any reason we can't do this?
unsafe-inline
We can disable the checks, but it's safer to work with them. Controlled in Caddyfile. https://github.com/bcgov/nr-results-exam/blob/main/frontend/Caddyfile#L26
@RMCampos @jazzgrewal
Yep, agreed! That's the right move.
OpenShift deployments for TEST and PROD are getting stuck on CSP for inline scripts. Ideally we'd move anything inline to its own file and disable
unsafe-inline
in the Caddyfile. Any reason we can't do this?We can disable the checks, but it's safer to work with them. Controlled in Caddyfile. https://github.com/bcgov/nr-results-exam/blob/main/frontend/Caddyfile#L26
@RMCampos @jazzgrewal