Update security policy with new map url

testower · testower · commit d6d6b0295100 · 2024-09-06T15:47:17.000+02:00
diff --git a/firebase.json b/firebase.json
@@ -92,7 +92,7 @@
             },
             {
               "key": "Content-Security-Policy",
-              "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com *.ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: *.tile.openstreetmap.org cdnjs.cloudflare.com opencache.statkart.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
+              "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com *.ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: *.tile.openstreetmap.org cdnjs.cloudflare.com cache.kartverket.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
             },
             {
               "key": "Referrer-Policy",
@@ -152,7 +152,7 @@
             },
             {
               "key": "Content-Security-Policy",
-              "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com *.ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: *.tile.openstreetmap.org cdnjs.cloudflare.com opencache.statkart.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
+              "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com *.ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: *.tile.openstreetmap.org cdnjs.cloudflare.com cache.kartverket.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
             },
             {
               "key": "Referrer-Policy",
@@ -212,7 +212,7 @@
             },
             {
               "key": "Content-Security-Policy",
-              "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com *.ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: *.tile.openstreetmap.org cdnjs.cloudflare.com opencache.statkart.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
+              "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com *.ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: *.tile.openstreetmap.org cdnjs.cloudflare.com cache.kartverket.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
             },
             {
               "key": "Referrer-Policy",

Original file line number	Diff line number	Diff line change
`@@ -92,7 +92,7 @@`
`92`	`92`	`},`
`93`	`93`	`{`
`94`	`94`	`"key": "Content-Security-Policy",`
`95`		- "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com .ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: .tile.openstreetmap.org cdnjs.cloudflare.com opencache.statkart.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
	`95`	+ "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com .ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: .tile.openstreetmap.org cdnjs.cloudflare.com cache.kartverket.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
`96`	`96`	`},`
`97`	`97`	`{`
`98`	`98`	`"key": "Referrer-Policy",`
`@@ -152,7 +152,7 @@`
`152`	`152`	`},`
`153`	`153`	`{`
`154`	`154`	`"key": "Content-Security-Policy",`
`155`		- "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com .ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: .tile.openstreetmap.org cdnjs.cloudflare.com opencache.statkart.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
	`155`	+ "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com .ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: .tile.openstreetmap.org cdnjs.cloudflare.com cache.kartverket.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
`156`	`156`	`},`
`157`	`157`	`{`
`158`	`158`	`"key": "Referrer-Policy",`
`@@ -212,7 +212,7 @@`
`212`	`212`	`},`
`213`	`213`	`{`
`214`	`214`	`"key": "Content-Security-Policy",`
`215`		- "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com .ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: .tile.openstreetmap.org cdnjs.cloudflare.com opencache.statkart.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
	`215`	+ "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com .ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: .tile.openstreetmap.org cdnjs.cloudflare.com cache.kartverket.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
`216`	`216`	`},`
`217`	`217`	`{`
`218`	`218`	`"key": "Referrer-Policy",`