fix csp header to accept cookies banner script

epam · Jan 30, 2025 · 298f498 · 298f498
1 parent 98f64ad
commit 298f498
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 12 deletions.
diff --git a/app/public/index.html b/app/public/index.html
@@ -27,11 +27,32 @@
       work correctly both with client-side routing and a non-root public URL.
       Learn how to configure a non-root public URL by running `npm run build`.
     -->
+
     <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/prism/1.20.0/themes/prism-coy.min.css" integrity="sha384-v15aiNnyEfhnpemZzTVe9Bb5DHhuH7OsXGaj7SPVyQZazurou/CIJG49yqKm8lg2" crossorigin="anonymous">    <title>Unified UI</title>
     <% if (process.env.NODE_ENV === 'production') { %>
         <script src='https://menu.epam.com/scripts/menu.js?app=uui3' async></script>
     <% } %>
 
+    <% if (process.env.NODE_ENV === 'production') { %>
+    <!-- CookiePro Cookies Consent Notice start for uui.epam.com -->
+    <script type="text/javascript" src=https://cookie-cdn.cookiepro.com/consent/0194a705-dff9-7c5a-97ef-98eecb725050/OtAutoBlock.js ></script>
+    <script src=https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js  type="text/javascript" charset="UTF-8" data-domain-script="0194a705-dff9-7c5a-97ef-98eecb725050" ></script>
+    <script type="text/javascript">
+        function OptanonWrapper() { }
+    </script>
+    <!-- CookiePro Cookies Consent Notice end for uui.epam.com -->
+    <% } %>
+
+    <% if (process.env.NODE_ENV === 'development') { %>
+    <!-- CookiePro Cookies Consent Notice start for uui.epam.com development -->
+    <script type="text/javascript" src=https://cookie-cdn.cookiepro.com/consent/0194a705-dff9-7c5a-97ef-98eecb725050-test/OtAutoBlock.js ></script>
+    <script src=https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js  type="text/javascript" charset="UTF-8" data-domain-script="0194a705-dff9-7c5a-97ef-98eecb725050-test" ></script>
+    <script type="text/javascript">
+        function OptanonWrapper() { }
+    </script>
+    <!-- CookiePro Cookies Consent Notice end for uui.epam.com development -->
+    <% } %>
+
     <% if (process.env.NODE_ENV === 'production') { %>
     <!-- Google Tag Manager -->
     <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
@@ -41,16 +62,6 @@
     })(window,document,'script','dataLayer','GTM-K5QNBCKB');</script>
     <!-- End Google Tag Manager -->
     <% } %>
-
-    <!-- CookiePro Cookies Consent Notice start for uui.epam.com -->
-    <script type="text/javascript" src="https://cookie-cdn.cookiepro.com/consent/0194a705-dff9-7c5a-97ef-98eecb725050/OtAutoBlock.js" ></script>
-    <script src="https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js"  type="text/javascript" charset="UTF-8" data-domain-script="0194a705-dff9-7c5a-97ef-98eecb725050" ></script>
-    <script type="text/javascript">
-        function OptanonWrapper() { }
-    </script>
-    <!-- CookiePro Cookies Consent Notice end for uui.epam.com -->
-
-
 </head>
 <body class="uui-theme-promo">
 

diff --git a/server/utils/cspUtil.js b/server/utils/cspUtil.js
@@ -31,15 +31,15 @@ function getCspHeaderValue(isDevServer) {
             "connect-src 'self'",
             isDevServer && CUSTOM_THEME_ASSETS.LOCAL,
             CUSTOM_THEME_ASSETS.CLOUDFLARE_PAGES,
-            'https://*.epam.com https://*.amplitude.com/ wss://menu.epam.com/ https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com',
+            'https://*.epam.com https://*.amplitude.com/ wss://menu.epam.com/ https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://cookie-cdn.cookiepro.com https://geolocation.onetrust.com/',
         ),
         'frame-src *; ',
         'img-src * data: ; ',
         dir(
             "script-src 'self'",
             "'unsafe-inline'",
             isDevServer && "'unsafe-eval'",
-            'https://*.epam.com https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.amplitude.com',
+            'https://*.epam.com https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.amplitude.com https://cookie-cdn.cookiepro.com',
         ),
     );
 }