Dynamic parts of CSP #344
Unanswered
kwesterfeld2
asked this question in
Q&A
Dynamic parts of CSP
#344
Replies: 2 comments 1 reply
-
|
You can set defineNuxtConfig({
security: {
headers: {
contentSecurityPolicy: {
"connect-src": [...],
"frame-src": [...],
}
}
}
}) |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Yes I'm doing this during build. What I want to do is do this at runtime, augmenting these two values with configuration set after deployment. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
Hey I think that this will be added with this PR #298 (comment) |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Is it possible to alter the configuration of my application to add to two parts of the CSP generated for each page?
I want to be able to add to the
connect-srcandframe-srcportions of the CSP served by my app.I am planning on using nitro for some of the API endpoints I have to build, but not too familiar with how a request/response can be filtered. I would think I can get/set headers during the request pipeline but this seems messy.
Beta Was this translation helpful? Give feedback.
All reactions