fix: granafa dashboard iframe policy (#357)
diff --git a/example/dashboard_conf/conf.yaml b/example/dashboard_conf/conf.yaml
index a5a2f08..ea0b15d 100644
--- a/example/dashboard_conf/conf.yaml
+++ b/example/dashboard_conf/conf.yaml
@@ -44,6 +44,14 @@
logs/access.log # supports relative path, absolute path, standard output
# such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr
# log example: 2020-12-09T16:38:09.039+0800 INFO filter/logging.go:46 /apisix/admin/routes/r1 {"status": 401, "host": "127.0.0.1:9000", "query": "asdfsafd=adf&a=a", "requestId": "3d50ecb8-758c-46d1-af5b-cd9d1c820156", "latency": 0, "remoteIP": "127.0.0.1", "method": "PUT", "errs": []}
+ security:
+ # access_control_allow_origin: "http://httpbin.org"
+ # access_control_allow_credentials: true # support using custom cors configration
+ # access_control_allow_headers: "Authorization"
+ # access_control-allow_methods: "*"
+ # x_frame_options: "deny"
+ content_security_policy: "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src *" # You can set frame-src to provide content for your grafana panel.
+
authentication:
secret:
secret # secret for jwt token generation.