@forge/csp
5.6.1-next.05.6.1-next.1
out/csp/csp-injection-service.jsout/csp/csp-injection-service.js+5−2
Index: package/out/csp/csp-injection-service.js
===================================================================
--- package/out/csp/csp-injection-service.js
+++ package/out/csp/csp-injection-service.js
@@ -174,12 +174,15 @@
.filter((a) => a)
.join(' ');
const connectSrc = [
"'self'",
+ hostname,
...this.getConnectSrc(microsEnv, !!tunnelCSPReporterUri, icOptions),
this.getForgeGlobalCSP(microsEnv, isFedRAMP, icOptions),
...this.getExistingCSPDetails(types_1.ExternalCspType.CONNECT_SRC, existingCSPDetails)
- ].join(' ');
+ ]
+ .filter((a) => a)
+ .join(' ');
const scriptSrc = [
"'self'",
this.getForgeGlobalCSP(microsEnv, isFedRAMP, icOptions),
...getFOSHostDownload(microsEnv, icOptions),
@@ -292,9 +295,9 @@
'*.frontend.public.atl-paas.net'
];
if (macroParentHost) {
if (localhostWithPortRegex.test(macroParentHost)) {
- frameAncestors.push(macroParentHost);
+ frameAncestors.push(`http://${macroParentHost}`);
}
else {
frameAncestors.push(`${macroParentHost}.cdn.prod.atlassian-dev.net`);
}