Customize Content Security Policy


I developped a web plugin which is embedding an iframe.

However the iframe loading is blocked by Content Security Policy set to default-src.

It seems to be a new security parameter as I did not encounter this error on graylog 5.0.8.

The current version of graylog I’m working on is 5.1.4.

Does any parameter officially exist for customizing th CSP ?

I discovered the new parameter http_allow_embedding.

However it did not fix the problem once parameter set to true.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.