Ajout de middleware pour les en-têtes CSP et X-Frame-Options dans la configuration de Keycloak

2025-02-28 03:21:02 +01:00 · 2025-02-28 03:21:02 +01:00 · a8547de16a
commit a8547de16a
parent b9e944e3f4
1 changed files with 5 additions and 0 deletions
--- a/compose.yml
+++ b/compose.yml
@ -80,6 +80,11 @@ services:
      - "traefik.enable=true"
      - "traefik.http.routers.neah-keycloak.rule=Host(`${KEYCLOAK_HOST}.${MAIN_DOMAIN}`)"
      - "traefik.http.services.neah-keycloak.loadbalancer.server.port=8080"
+      # Middleware pour les en-têtes CSP
+      - "traefik.http.middlewares.keycloak-headers.headers.customResponseHeaders.Content-Security-Policy=frame-ancestors 'self' http://${MAIN_DOMAIN} http://localhost:3000"
+      - "traefik.http.middlewares.keycloak-headers.headers.customResponseHeaders.X-Frame-Options=ALLOWALL"
+      # Application du middleware au routeur
+      - "traefik.http.routers.neah-keycloak.middlewares=keycloak-headers"
    volumes:
      - keycloak_data:/opt/keycloak/data
    networks: