Customize Content Security Policy

weird-oecophylla · October 23, 2023, 2:02pm

Hi,

I developped a web plugin which is embedding an iframe.

However the iframe loading is blocked by Content Security Policy set to default-src.

It seems to be a new security parameter as I did not encounter this error on graylog 5.0.8.

The current version of graylog I’m working on is 5.1.4.

Does any parameter officially exist for customizing th CSP ?

weird-oecophylla · October 24, 2023, 8:26am

I discovered the new parameter http_allow_embedding.

However it did not fix the problem once parameter set to true.

system · November 7, 2023, 8:27am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Embedding external content Graylog Add-ons documentation , components	1	221	November 10, 2023
Threat Intelligence Plugin Rules Graylog Central (peer support)	4	1108	January 19, 2022
[REQ] ... About Graylog 3.0 Graylog Central (peer support)	4	479	February 28, 2019
Add Security headers Graylog Central (peer support)	2	914	August 21, 2018
Graylog 4.3 - reinstall plugin Graylog Central (peer support)	8	952	September 16, 2022