config/packages/nelmio_security.yaml

nelmio_security:
    # Content Security Policy (CSP)
    csp:
        enforce:
            default-src: ["'self'"]
            script-src:
                - "'self'"
                - "nonce"
                - "https://sentry.esy-web.dev"
                - "https://chat.esy-web.dev"
                - "https://auth.esy-web.dev"
                - "https://static.cloudflareinsights.com"
                - "'strict-dynamic'"
            connect-src:
                - "'self'"
                - "https://sentry.esy-web.dev"
                - "https://chat.esy-web.dev"
                - "https://auth.esy-web.dev"
                - "https://cloudflareinsights.com"
            frame-src:
                - "'self'"
                - "https://chat.esy-web.dev"
                - "https://auth.esy-web.dev"
            style-src:
                - "'self'"
                - "'unsafe-inline'"
                - "https://chat.esy-web.dev"
            img-src:
                - "'self'"
                - "data:"
                - "https://chat.esy-web.dev"
            font-src:
                - "'self'"
                - "data:"
            frame-ancestors: ["'none'"]
            # Optionnel : forcer le passage en HTTPS
            upgrade-insecure-requests: false
``` ✨ feat(ansible/caddy): Supprime CSP statique et Permissions-Policy obsolète 🐛 fix(assets/admin): Corrige la gestion du menu admin et des flashs ✨ feat(Twig/ViteAssetExtension): Ajoute CSP nonce et gère les favicons 🐛 fix(Entity/AuditLog): Corrige la relation ManyToOne avec Account ➕ feat: Ajoute NelmioSecurityBundle pour gérer la sécurité CSP ``` 2026-01-15 20:35:46 +01:00			`nelmio_security:`
			`# Content Security Policy (CSP)`
			`csp:`
			`enforce:`
			`default-src: ["'self'"]`
			`script-src:`
			`- "'self'"`
			`- "nonce"`
			`- "https://sentry.esy-web.dev"`
			`- "https://chat.esy-web.dev"`
			`- "https://auth.esy-web.dev"`
			`- "https://static.cloudflareinsights.com"`
			`- "'strict-dynamic'"`
			`connect-src:`
			`- "'self'"`
			`- "https://sentry.esy-web.dev"`
			`- "https://chat.esy-web.dev"`
			`- "https://auth.esy-web.dev"`
			`- "https://cloudflareinsights.com"`
			`frame-src:`
			`- "'self'"`
			`- "https://chat.esy-web.dev"`
			`- "https://auth.esy-web.dev"`
			`style-src:`
			`- "'self'"`
			`- "'unsafe-inline'"`
			`- "https://chat.esy-web.dev"`
			`img-src:`
			`- "'self'"`
			`- "data:"`
			`- "https://chat.esy-web.dev"`
			`font-src:`
			`- "'self'"`
			`- "data:"`
			`frame-ancestors: ["'none'"]`
			`# Optionnel : forcer le passage en HTTPS`
			`upgrade-insecure-requests: false`