From a8547de16a394dd2a332d269d23b329de5ab757f Mon Sep 17 00:00:00 2001
From: Kevin <k.besson@clm.foundation>
Date: Fri, 28 Feb 2025 03:21:02 +0100
Subject: [PATCH] =?UTF-8?q?Ajout=20de=20middleware=20pour=20les=20en-t?=
 =?UTF-8?q?=C3=AAtes=20CSP=20et=20X-Frame-Options=20dans=20la=20configurat?=
 =?UTF-8?q?ion=20de=20Keycloak?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 compose.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/compose.yml b/compose.yml
index efbfa5d..8f3ec9e 100644
--- a/compose.yml
+++ b/compose.yml
@@ -80,6 +80,11 @@ services:
       - "traefik.enable=true"
       - "traefik.http.routers.neah-keycloak.rule=Host(`${KEYCLOAK_HOST}.${MAIN_DOMAIN}`)"
       - "traefik.http.services.neah-keycloak.loadbalancer.server.port=8080"
+      # Middleware pour les en-têtes CSP
+      - "traefik.http.middlewares.keycloak-headers.headers.customResponseHeaders.Content-Security-Policy=frame-ancestors 'self' http://${MAIN_DOMAIN} http://localhost:3000"
+      - "traefik.http.middlewares.keycloak-headers.headers.customResponseHeaders.X-Frame-Options=ALLOWALL"
+      # Application du middleware au routeur
+      - "traefik.http.routers.neah-keycloak.middlewares=keycloak-headers"
     volumes:
       - keycloak_data:/opt/keycloak/data
     networks: