On 11/8/2017 7:40 PM, Jonathan Trott wrote:
Has anyone else run into this issue, or has any more information on how I can modify the CSP headers to test?
I suspect google Chrome has just changed some of their requirements, because I got a call on a different CSP issue a couple of days ago.
Changing the CSP header information isn't straight forward in Xymon. In this case, it is defined in lib/cgi.c, between lines 200 and 300. If you want to _really_ change these things, you'll need to patch the file and rebuild.
If you'd like to test the required changes before doing so, you can set
XYMON_NOCSPHEADER="TRUE"
in xymonserver.cfg With this is set, xymon will not create any CSP response headers. You may then use mod_header in Apache to set whatever values you'd like.
Note: My experience is on solaris, so not with the terabithia builds.
--
Do things because you should, not just because you can.
John Thurston XXX-XXX-XXXX
user-ce4d79d99bab@xymon.invalid
Department of Administration
State of Alaska