Enabling "Content-Security-Policy" header in NGINX for Ansible Automation Platform.
Environment
- Red Hat® Ansible Automation Platform 2.x
Issue
- How to add/enable "Content-Security-Policy" header on NGINX configuration for Ansible Automation Platform?
Resolution
-
Header "Content-Security-Policy" is not part of the current AAP version and reported with following RFE:
Add "Content-Security-Policy and X-XSS-Protection" headers on NGINX Configuration -
To add "Content-Security-Policy" to Nginx configuration file manually, you can follow these steps:
- Open file
/etc/nginx/conf.d/automation-controller.nginx.confin a text editor. -
Add following lines to the
server {andlocation / {sections of the configuration file:add_header Content-Security-Policy "default-src 'self';"; add_header Content-Security-Policy "default-src 'self' 'unsafe-eval' 'unsafe-inline' *.example.com;";Note: replace
*.example.comby the domain you wish to allow in the policy.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments