Add 'connect-src' directive to Content Security Policy

This commit adds the 'connect-src' directive to the Content Security Policy in the nelmio_security.yaml file. This allows connections only to the same origin ('self').
This commit is contained in:
Jeroen De Meerleer 2024-02-07 17:22:05 +01:00
parent 3305c26750
commit 60de619080
Signed by: JeroenED
GPG Key ID: 28CCCB8F62BFADD6

View File

@ -46,6 +46,8 @@ nelmio_security:
- 'self' - 'self'
font-src: font-src:
- 'self' - 'self'
connect-src:
- 'self'
form-action: form-action:
- 'none' - 'none'
frame-ancestors: frame-ancestors: