ligbox/ligbox-ops-platform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ligbox-ops-platform/deploy/vm112-wizard-security/traefik-csp-headers.example.yml
Ligbox Spec Hub 3a2c64834b Initial import: ligbox-ops-platform + specs + LAPTOP + obsidian merge (CT130) 
Source: VM122 /opt + obsidian-infra + LAPTOP
Hub: CT130 spec-hub 10.10.10.130
2026-06-19 17:26:41 +00:00

28 lines
1,000 B
YAML
Raw Blame History

# Traefik dynamic config — CSP para portal/wizard (CT114)
# Ajustar hostnames e validar libs externas antes de aplicar em produção.
http:
middlewares:
wizard-csp:
headers:
contentSecurityPolicy: >-
default-src 'self';
script-src 'self' 'unsafe-inline';
style-src 'self' 'unsafe-inline';
img-src 'self' data: https:;
connect-src 'self' https://desk.ligbox.com.br;
frame-ancestors 'none';
base-uri 'self';
form-action 'self';
report-uri https://desk.ligbox.com.br/api/v1/security/csp-report;
contentSecurityPolicyReportOnly: false
referrerPolicy: strict-origin-when-cross-origin
permissionsPolicy: "geolocation=(), microphone=(), camera=()"
customResponseHeaders:
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
routers:
# Exemplo — anexar middleware ao router existente do wizard:
# middlewares:
# - wizard-csp
Reference in a new issue View git blame Copy permalink