From ed60c900813f95f543bed088823e2453ca9ebf26 Mon Sep 17 00:00:00 2001 From: Michael Telatynski <7t3chguy@gmail.com> Date: Thu, 23 Feb 2023 14:09:21 +0000 Subject: [PATCH] Fix frame-ancestors docs from none to self to not break Jitsi (#21128) --- README.md | 2 +- docs/kubernetes.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 324ded969..358ba6225 100644 --- a/README.md +++ b/README.md @@ -104,7 +104,7 @@ If you are using nginx, this would look something like the following: add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; -add_header Content-Security-Policy "frame-ancestors 'none'"; +add_header Content-Security-Policy "frame-ancestors 'self'"; ``` For Apache, the configuration looks like: diff --git a/docs/kubernetes.md b/docs/kubernetes.md index ee38713cf..cae8526e9 100644 --- a/docs/kubernetes.md +++ b/docs/kubernetes.md @@ -162,7 +162,7 @@ Then you can deploy it to your cluster with something like `kubectl apply -f my- add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; - add_header Content-Security-Policy "frame-ancestors 'none'"; + add_header Content-Security-Policy "frame-ancestors 'self'"; spec: rules: - host: element.example.nl