Add 'connect-src' directive to Content Security Policy

This commit adds the 'connect-src' directive to the Content Security Policy in the nelmio_security.yaml file. This allows connections only to the same origin ('self').
2024-02-07 17:22:05 +01:00 · 2024-02-07 17:22:05 +01:00 · 60de619080
parent 3305c26750
commit 60de619080
1 changed files with 2 additions and 0 deletions
--- a/config/packages/nelmio_security.yaml
+++ b/config/packages/nelmio_security.yaml
@ -46,6 +46,8 @@ nelmio_security:
                - 'self'
            font-src:
                - 'self'
+            connect-src:
+                - 'self'
            form-action:
                - 'none'
            frame-ancestors: