Skip to content

Commit

Permalink
modify connect-src of Content Security Policy to include dynamic wss …
Browse files Browse the repository at this point in the history 
…URL based on configured base URL
  • Loading branch information
@MichaelPeter-Shockoe
MichaelPeter-Shockoe committed Jan 17, 2020
1 parent e57fc1c commit 5ff6266
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 1 deletion.
2 changes: 2 additions & 0 deletions docs/docker.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ Run `docker build -t send:latest .` to create an image or `docker-compose up` to
| `SENTRY_DSN` | Sentry DSN
| `MAX_FILE_SIZE` | in bytes (defaults to 2147483648)
| `NODE_ENV` | "production"
| `BASE_URL` | The HTTPS URL where traffic will be served (e.g. `https://send.firefox.com`)

## Example:

Expand All @@ -22,5 +23,6 @@ $ docker run --net=host -e 'NODE_ENV=production' \
-e 'REDIS_HOST=dyf9s2r4vo3.bolxr4.0001.usw2.cache.amazonaws.com' \
-e 'SENTRY_CLIENT=https://[email protected]/168' \
-e 'SENTRY_DSN=https://51e23d7263e348a7a3b90a5357c61cb2:[email protected]/168' \
-e 'BASE_URL=https://send.firefox.com' \
mozilla/send:latest
```
2 changes: 1 addition & 1 deletion server/routes/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ module.exports = function(app) {
"'self'",
'wss://*.dev.lcip.org',
'wss://*.send.nonprod.cloudops.mozgcp.net',
'wss://send.firefox.com',
config.base_url.replace(/^https:\/\//, 'wss://'),
'https://*.dev.lcip.org',
'https://accounts.firefox.com',
'https://*.accounts.firefox.com',
Expand Down

0 comments on commit 5ff6266

Please sign in to comment.