From 802ed59f122c25c9a8327fcc974b738f7490fd6e Mon Sep 17 00:00:00 2001 From: Lassi Kortela Date: Tue, 31 Jan 2023 11:47:16 +0200 Subject: [PATCH] Add unsafe-eval for gitea.scheme.org Sadly required by some of the third-party JavaScript frameworks Gitea is using. https://github.com/go-gitea/gitea/issues/19851 --- nginx.scm | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/nginx.scm b/nginx.scm index aefc8ce..62c99b6 100644 --- a/nginx.scm +++ b/nginx.scm @@ -395,16 +395,22 @@ (static-site "video") - (https-server - '("gitea.scheme.org") - "access_log /production/gitea/log/nginx/access.log;" - "error_log /production/gitea/log/nginx/error.log;" - (block "location /" - "proxy_pass http://localhost:9030;" - "proxy_set_header Host $host;" - "proxy_set_header X-Real-IP $remote_addr;" - "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" - "client_max_body_size 1G;")) + (parameterize ((content-security-policy + (alist-change (content-security-policy) + "script-src" + '("'self'" + "'unsafe-inline'" + "'unsafe-eval'")))) + (https-server + '("gitea.scheme.org") + "access_log /production/gitea/log/nginx/access.log;" + "error_log /production/gitea/log/nginx/error.log;" + (block "location /" + "proxy_pass http://localhost:9030;" + "proxy_set_header Host $host;" + "proxy_set_header X-Real-IP $remote_addr;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" + "client_max_body_size 1G;"))) (block "map $go_scheme_source $go_scheme_target" "include /production/go/nginx/map.conf;")