[nginxplus] add x-frame config for library website

VickieKarasic commented 7 months ago

[x] add x-frame option for https://princeton.libwizard.com/ on library-staging config file (see library-staging.conf for where to put header option)
[x] add x-frame option for https://princeton.libwizard.com/ on library prod config file
[x] add x-frame option for https://princeton.libwizard.com/ on catalog-staging config file (see catalog-staging.conf]
[x] add x-frame option for https://princeton.libwizard.com/ on catalog-prod config file (see catalog-prod.conf]
[x] add x-frame option for https://princeton.libwizard.com/ on dss-staging config file (see dss-staging.conf]
[x] add x-frame option for https://princeton.libwizard.com/ on dss-prod config file (see dss-prod.conf]
[ ] put in ticket with Ex Libris to see if we can add an exception for LibWizard domain to Articles+ platform

Some guidance on how to do this

More examples

VickieKarasic commented 7 months ago

Tried changing the ALLOW-FROM on nginx http config but this did not work so far (see #4743)

VickieKarasic commented 7 months ago

The ALLOW-FROM protocol is outdated, so adding add_header Content-Security-Policy "frame-ancestors 'self' https://princeton.libwizard.com;" this worked instead.

VickieKarasic commented 3 weeks ago

There wasn't further interest in exploring the Articles+ integration, so will close this issue.

pulibrary / princeton_ansible

[nginxplus] add x-frame config for library website #4740