update cryptpad template to match 5.3.0

2023-05-15 18:08:10 +02:00 · 2023-05-15 18:08:10 +02:00 · 3defdedc26
parent 1487af80da
commit 3defdedc26
1 changed files with 6 additions and 9 deletions
--- a/templates/etc/nginx/sites-available/cryptpad.j2
+++ b/templates/etc/nginx/sites-available/cryptpad.j2
@ -13,15 +13,12 @@
  set $main_domain "{{ item.ssl_name }}";
  set $sandbox_domain "sandbox.{{ item.ssl_name }}";

-  # By default CryptPad allows remote domains to embed CryptPad documents in iframes.
-  # This behaviour can be blocked by changing $allowed_origins from "*" to the
-  # sandbox domain, which must be permitted to load content from the main domain
-  # in order for CryptPad to work as expected.
-  #
-  # An example is given below which can be uncommented if you want to block
-  # remote sites from including content from your server
-  set $allowed_origins "*";
-  # set $allowed_origins "https://${sandbox_domain}";
+  # By default CryptPad forbids remote domains from embedding CryptPad documents in iframes.
+  # The sandbox domain must always be permitted in order for the platform to function.
+  # If you wish to enable remote embedding you may change the value below to "*"
+  # as per the commented value.
+  set $allowed_origins "https://${sandbox_domain}";
+  #set $allowed_origins "*";

  # CryptPad's dynamic content (websocket traffic and encrypted blobs)
  # can be served over separate domains. Using dedicated domains (or subdomains)