Skip to content
This repository has been archived by the owner on Aug 14, 2024. It is now read-only.

Commit

Permalink
Update Content-Security-Policy (#1124)
Browse files Browse the repository at this point in the history 
* remove unused/un-approved items

* turning report only mode off

* Create CODEOWNERS

* remove google tag manager
  • Loading branch information
@Jeffreyhung
Jeffreyhung authored Jan 10, 2024
1 parent e6b7fd7 commit c9f224a
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 2 deletions.
6 changes: 6 additions & 0 deletions .github/CODEOWNERS
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
# https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#codeowners-syntax


##### Security #####
# require review from security team for content security policy
/vercel.json @getsentry/security
4 changes: 2 additions & 2 deletions vercel.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@
"value": "1; mode=block"
},
{
"key": "Content-Security-Policy-Report-Only",
"value": "upgrade-insecure-requests; default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com; connect-src 'self' sentry.io o1.ingest.sentry.io *.algolia.net *.algolianet.com *.algolia.io *.google-analytics.com stats.g.doubleclick.net; img-src * 'self' data: img.shields.io mermaid.ink user-images.githubusercontent.com www.google.com www.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self'; report-uri https://o1.ingest.sentry.io/api/1297620/security/?sentry_key=b3cfba5788cb4c138f855c8120f70eab"
"key": "Content-Security-Policy",
"value": "upgrade-insecure-requests; default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' sentry.io o1.ingest.sentry.io *.algolia.net *.algolianet.com *.algolia.io; img-src * 'self' data: img.shields.io mermaid.ink user-images.githubusercontent.com; style-src 'self' 'unsafe-inline'; font-src 'self'; report-uri https://o1.ingest.sentry.io/api/1297620/security/?sentry_key=b3cfba5788cb4c138f855c8120f70eab"
},
{
"key": "Document-Policy",
Expand Down

1 comment on commit c9f224a

@vercel
Copy link

@vercel vercel bot commented on c9f224a Jan 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Successfully deployed to the following URLs:

develop – ./

develop.sentry.dev
develop-git-master.sentry.dev

Please sign in to comment.