diff --git a/config/default.json b/config/default.json
index 0b6ad1c84a9c42476ce13fb6cbbfbf85c199a059..ecbc7dd74cc8c1ba5ed8d86dc6a134f20fff9fb6 100644
--- a/config/default.json
+++ b/config/default.json
@@ -4,16 +4,16 @@
 "helmet": {
 "directives": {
 "childSrc": "'self' 3speak.online emb.d.tube player.twitch.tv www.youtube.com staticxx.facebook.com w.soundcloud.com player.vimeo.com",
- "connectSrc": "https://images.hive.blog 'self' hive.blog https://api.hive.blog api.blocktrades.us https://anyx.io https://hivesigner.com https://hivebuzz.me https://peakd.com https://api.deathwing.me",
+ "connectSrc": "https://images.hive.blog 'self' hive.blog https://api.hive.blog api.blocktrades.us https://anyx.io https://hivesigner.com https://hivebuzz.me https://peakd.com https://api.deathwing.me https://www.reddit.com",
 "defaultSrc": "tpc.googlesyndication.com 'self' img.3speakcontent.online emb.d.tube www.youtube.com staticxx.facebook.com player.vimeo.com *.streamrail.com",
- "fontSrc": "data: fonts.gstatic.com",
+ "fontSrc": "data: fonts.gstatic.com cdn.embedly.com",
 "frameAncestors": "'none'",
 "frameSrc": "'self' https:",
 "imgSrc": "* data:",
 "objectSrc": "'none'",
 "pluginTypes": "application/pdf",
 "scriptSrc": "'unsafe-inline' 'unsafe-eval' data: https: 'self' www.google-analytics.com connect.facebook.net",
- "styleSrc": "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com",
+ "styleSrc": "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com",
 "reportUri": "/api/v1/csp_violation"
 },
 "reportOnly": false,
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
index 976e4fa2ffb2a5a6a1109ed25a9ffa9932eb9b54..fecd6e4a88d1e32e6b83c605d55230d320caa863 100644
--- a/docker-compose.dev.yml
+++ b/docker-compose.dev.yml
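Review bot: In config/default.json the new `styleSrc` and `fontSrc` entries (`www.reddit.com`, `cdn.embedly.com`) are scheme-less, while the `connectSrc` addition in the same hunk is pinned as `https://www.reddit.com`. A scheme-less host source follows the scheme of the protected page, so on an http origin (the dev compose file lists `http://hiveblog.local`, which suggests dev is served that way) it also admits plain-http stylesheets and fonts; writing `https://www.reddit.com https://cdn.embedly.com` in both directives keeps the three changes consistent. The hunk also drops `embed.redditmedia.com` from `styleSrc`, so the `/api/v1/csp_violation` reports are worth watching after rollout to confirm no embed still loads styles from that host. The same scheme-less values are repeated in the `SDC_HELMET_STYLESRC` and `SDC_HELMET_FONTSRC` lines of the four docker-compose hunks.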
@@ -19,8 +19,9 @@ services: SDC_IMAGE_PROXY_PREFIX: https://images.hive.blog/ SDC_UPLOAD_IMAGE_URL: https://images.hive.blog - SDC_HELMET_CONNECTSRC: "'self' http://hiveblog.local https://api.hive.blog https://images.hive.blog" - SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com" + SDC_HELMET_CONNECTSRC: "'self' http://hiveblog.local https://api.hive.blog https://images.hive.blog https://www.reddit.com" + SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com" + SDC_HELMET_FONTSRC: "data: fonts.gstatic.com cdn.embedly.com" volumes: - ./yarn.lock:/var/app/yarn.lock - ./package.json:/var/app/package.json
diff --git a/docker-compose.localbuild.yml b/docker-compose.localbuild.yml
index 181e65707208190dbb7e8b70a020adc07f7ca3d5..a620a64872cd368eb3407a35fb89a49cf21ef345 100644
--- a/docker-compose.localbuild.yml
+++ b/docker-compose.localbuild.yml
@@ -11,8 +11,9 @@ services:
 SDC_SITE_DOMAIN: hive.blog
 SDC_IMAGE_PROXY_PREFIX: https://images.hive.blog/
 SDC_UPLOAD_IMAGE_URL: https://images.hive.blog
- SDC_HELMET_CONNECTSRC: "'self' hive.blog https://hive.blog https://api.hive.blog https://anyx.io api.blocktrades.us https://images.hive.blog https://hivebuzz.me https://peakd.com"
- SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com"
+ SDC_HELMET_CONNECTSRC: "'self' hive.blog https://hive.blog https://api.hive.blog https://anyx.io api.blocktrades.us https://images.hive.blog https://hivebuzz.me https://peakd.com https://www.reddit.com"
+ SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com"
+ SDC_HELMET_FONTSRC: "data: fonts.gstatic.com cdn.embedly.com"
 WALLET_URL: https://wallet.hive.blog
 networks:
 - reverse-proxy
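Review bot: `SDC_HELMET_FONTSRC` is a new variable in the docker-compose.dev.yml hunk, and nothing in this diff shows it being mapped onto `helmet.directives.fontSrc`; if the existing `SDC_HELMET_*` mapping has no entry for it, the line would presumably be ignored and the service would use the value from config/default.json. Its value is identical to the new default, so even where the mapping exists the override only adds another copy of the policy to keep in sync, and the same applies to the localbuild, prod and staging hunks. The copies already differ: the dev `SDC_HELMET_CONNECTSRC` has no `https://hivebuzz.me` or `https://peakd.com`, which the other compose files carry. Consider dropping the `SDC_HELMET_FONTSRC` lines, or adding a comment such as `# keep in sync with helmet.directives in config/default.json` above the SDC_HELMET_* entries in each compose file.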
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index c1f0e901dc20e47874bf15a0652e6e2db6e3687a..eabbcded2f88d2f99db088d15a82b30ab08273ed 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -30,8 +30,9 @@ services:
 SDC_IMAGE_PROXY_PREFIX: https://images.hive.blog/
 SDC_UPLOAD_IMAGE_URL: https://images.hive.blog
 SDC_ALT_API_ENDPOINTS: "https://api.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com"
- SDC_HELMET_CONNECTSRC: "'self' hive.blog https://hive.blog https://images.hive.blog https://api.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com https://hivebuzz.me https://peakd.com"
- SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com"
+ SDC_HELMET_CONNECTSRC: "'self' hive.blog https://hive.blog https://images.hive.blog https://api.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com https://hivebuzz.me https://peakd.com https://www.reddit.com"
+ SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com"
+ SDC_HELMET_FONTSRC: "data: fonts.gstatic.com cdn.embedly.com"
 WALLET_URL: https://wallet.hive.blog
 networks:
 - reverse-proxy
diff --git a/docker-compose.staging.yml b/docker-compose.staging.yml
index 9ad7cdcc837213657b6411d4fc46c88d185e318d..04cdeffeaeafe7bc997a4b82ab3679f8ef551ed5 100644
--- a/docker-compose.staging.yml
+++ b/docker-compose.staging.yml
@@ -13,8 +13,9 @@ services:
 SDC_SITE_DOMAIN: staging-blog.hive.io
 SDC_IMAGE_PROXY_PREFIX: https://images.hive.blog/
 SDC_UPLOAD_IMAGE_URL: https://images.hive.blog
- SDC_HELMET_CONNECTSRC: "'self' https://api.hive.blog https://staging.hive.blog https://images.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com https://hivebuzz.me https://peakd.com"
- SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com embed.redditmedia.com"
+ SDC_HELMET_CONNECTSRC: "'self' https://api.hive.blog https://staging.hive.blog https://images.hive.blog https://anyx.io https://api.openhive.network https://api.hivekings.com https://hivebuzz.me https://peakd.com https://www.reddit.com"
+ SDC_HELMET_STYLESRC: "'self' 'unsafe-inline' fonts.googleapis.com platform.twitter.com www.reddit.com cdn.embedly.com"
+ SDC_HELMET_FONTSRC: "data: fonts.gstatic.com cdn.embedly.com"
 WALLET_URL: https://wallet.hive.blog
 networks:
 - reverse-proxy