Merge pull request #1480 from jackyzy823/fxa-csp

Handle Content-Security-Policy for self hosting FxA
2025-12-06 06:00:53 +03:00 · 2020-07-09 19:31:06 -07:00
parent d5319f4fcf e2876b119d
commit 7dd1fcca9b
2 changed files with 41 additions and 3 deletions
--- a/server/config.js
+++ b/server/config.js
@@ -155,6 +155,26 @@ const conf = convict({
    default: 'https://identity.mozilla.com/apps/send',
    env: 'FXA_KEY_SCOPE'
  },
+  fxa_csp_oauth_url: {
+    format: String,
+    default: '',
+    env: 'FXA_CSP_OAUTH_URL'
+  },
+  fxa_csp_content_url: {
+    format: String,
+    default: '',
+    env: 'FXA_CSP_CONTENT_URL'
+  },
+  fxa_csp_profile_url: {
+    format: String,
+    default: '',
+    env: 'FXA_CSP_PROFILE_URL'
+  },
+  fxa_csp_profileimage_url: {
+    format: String,
+    default: '',
+    env: 'FXA_CSP_PROFILEIMAGE_URL'
+  },
  survey_url: {
    format: String,
    default: '',