Dynamic CSP (Content Security Policy) connect-src in Angular

I defined the CSP within meta tags in my Angulars project index.html file <meta http-equiv=”Content-Security-Policy” content=”default-src ‘self’; connect-src ‘self’ https://baseurl1/ https://baseurl2/ https://baseurl3/; img-src ‘self’ data: http://baseurl/; frame-src ‘self’ blob:; media-src ‘self’ https://baseurl/; script-src ‘self’ ‘unsafe-inline’ ‘unsafe-eval’ http://baseurl/; style-src ‘self’ ‘unsafe-inline’;”> My issue is, that I want to whitelist exactly one more connect-src dynamically based on…

Details

Traefik 2 middleware works for https, not http

I’m trying to setup a route do a basic 301 redirect with the added benefit of supporting both HTTP and HTTPS requests. Expected results would be that requests to http://subdom.domain.org or https://subdom.domain.org would receive a 301 and be forwarded to https://othersub.domain.org/route. Actual results is that https://subdom.domain.org 301’s as expected, but http://subdom.domain.org 404’s. With the config,…

Details