fixed csp for local

2022-09-17 12:36:28 +02:00 · 2022-09-17 12:36:28 +02:00 · 0c64635c89
commit 0c64635c89
parent b782d94e61
5 changed files with 6 additions and 8 deletions
--- a/src/Services/Identity/Identity.API/Startup.cs
+++ b/src/Services/Identity/Identity.API/Startup.cs
@ -121,10 +121,10 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API
            app.UseStaticFiles();
-            // Make work identity server redirections in Edge and lastest versions of browsers. WARN: Not valid in a production environment.
+            // TODO Make work identity server redirections in Edge and lastest versions of browsers. WARN: Not valid in a production environment.
            app.Use(async (context, next) =>
            {
-                context.Response.Headers.Add("Content-Security-Policy", "script-src 'unsafe-inline'");
+                context.Response.Headers.Add("Content-Security-Policy", "script-src 'self' http://host.docker.internal:5105; script-src-elem 'self' http://host.docker.internal:5105");
                await next();
            });
--- a/src/Services/Identity/Identity.API/Views/Shared/_Layout-SPA.cshtml
+++ b/src/Services/Identity/Identity.API/Views/Shared/_Layout-SPA.cshtml
@ -3,7 +3,6 @@
 <head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'; script-src-elem 'unsafe-inline'">
    <title>eShopOnContainers - Identity</title>
    <link rel="icon" type="image/x-icon" href="~/favicon.ico" />
    <link rel="shortcut icon" type="image/x-icon" href="~/favicon.ico" />
--- a/src/Services/Identity/Identity.API/Views/Shared/_Layout.cshtml
+++ b/src/Services/Identity/Identity.API/Views/Shared/_Layout.cshtml
@ -3,7 +3,6 @@
 <head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'; script-src-elem 'unsafe-inline'">
    <title>eShopOnContainers Identity</title>
    <link rel="icon" type="image/x-icon" href="~/favicon.ico" />
    <link rel="shortcut icon" type="image/x-icon" href="~/favicon.ico" />
--- a/src/Services/Identity/Identity.API/Views/Shared/_ValidationScriptsPartial.cshtml
+++ b/src/Services/Identity/Identity.API/Views/Shared/_ValidationScriptsPartial.cshtml
@ -1,10 +1,10 @@
 <environment names="Development">
-    <script src="~/lib/jquery-validation/dist/jquery.validate.js"></script>
+    <script src="~/lib/jquery-validate/jquery.validate.js"></script>
    <script src="~/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.js"></script>
 </environment>
 <environment names="Staging,Production">
    <script src="https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js"
-            asp-fallback-src="~/lib/jquery-validation/dist/jquery.validate.min.js"
+            asp-fallback-src="~/lib/jquery-validate/jquery.validate.min.js"
            asp-fallback-test="window.jQuery && window.jQuery.validator">
    </script>
    <script src="https://ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js"
--- a/src/Services/Identity/Identity.API/wwwroot/_references.js
+++ b/src/Services/Identity/Identity.API/wwwroot/_references.js
@ -1,6 +1,6 @@
 /// <autosync enabled="true" />
 /// <reference path="js/site.js" />
 /// <reference path="lib/bootstrap/dist/js/bootstrap.js" />
-/// <reference path="lib/jquery/dist/jquery.js" />
+/// <reference path="lib/jquery/jquery.js" />
-/// <reference path="lib/jquery-validation/dist/jquery.validate.js" />
+/// <reference path="lib/jquery-validate/jquery.validate.js" />
 /// <reference path="lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.js" />