Update csp

bcgov · Dec 6, 2024 · 2c31c3e · 2c31c3e
1 parent 213fe83
commit 2c31c3e
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/backend/openshift.deploy.yml b/backend/openshift.deploy.yml
@@ -91,11 +91,11 @@ objects:
                       name: nr-nmp-keycloak
                       key: SSO_CLIENT_SECRET
                 - name: SSO_REDIRECT_URL
-                  value: http://${APP}-${TARGET}-${COMPONENT}.apps.silver.devops.gov.bc.ca/auth/callback
+                  value: https://${APP}-${TARGET}-${COMPONENT}.apps.silver.devops.gov.bc.ca/auth/callback
                 - name: FRONTEND_URL
-                  value: http://${APP}-${TARGET}.apps.silver.devops.gov.bc.ca
+                  value: https://${APP}-${TARGET}.apps.silver.devops.gov.bc.ca
                 - name: BACKEND_URL
-                  value: http://${APP}-${TARGET}-${COMPONENT}.apps.silver.devops.gov.bc.ca
+                  value: https://${APP}-${TARGET}-${COMPONENT}.apps.silver.devops.gov.bc.ca
               ports:
                 - containerPort: 3000
                   protocol: TCP

diff --git a/frontend/Caddyfile b/frontend/Caddyfile
@@ -42,7 +42,7 @@
 		Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate"
 		X-Content-Type-Options "nosniff"
 		Strict-Transport-Security "max-age=31536000"
-		Content-Security-Policy "default-src 'self' https://spt.apps.gov.bc.ca data:; script-src 'self' 'unsafe-eval' https://www2.gov.bc.ca ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.fontawesome.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://fonts.googleapis.com http://www.w3.org https://*.gov.bc.ca"
+		Content-Security-Policy "connect-src 'self' https://*.gov.bc.ca https://registry.npmjs.org/@bcgov ;default-src 'self' https://spt.apps.gov.bc.ca data:; script-src 'self' 'unsafe-eval' https://www2.gov.bc.ca ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.fontawesome.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://fonts.googleapis.com http://www.w3.org https://*.gov.bc.ca"
 		Referrer-Policy "same-origin"
 		Feature-Policy "fullscreen 'self'; camera 'none'; microphone 'none'"
 	}

diff --git a/frontend/openshift.deploy.yml b/frontend/openshift.deploy.yml
@@ -64,9 +64,9 @@ objects:
                 - name: LOG_LEVEL
                   value: info
                 - name: VITE_BACKEND_URL
-                  value: http://${APP}-${TARGET}-backend.apps.silver.devops.gov.bc.ca
+                  value: https://${APP}-${TARGET}-backend.apps.silver.devops.gov.bc.ca
                 - name: BACKEND_URL
-                  value: http://${APP}-${TARGET}-backend.apps.silver.devops.gov.bc.ca
+                  value: https://${APP}-${TARGET}-backend.apps.silver.devops.gov.bc.ca
                 - name: VITE_PORT
                   value: '5173'
                 - name: SSO_CLIENT_ID