fix: granafa dashboard iframe policy (#357)

commit: f38dd74b3ec5ff4a9f04773eb23189a11ae25e66 [log] [tgz]
author: donlinglok <6138806+donlinglok@users.noreply.github.com> Wed Dec 28 09:08:28 2022 +0800
committer: GitHub <noreply@github.com> Wed Dec 28 09:08:28 2022 +0800
tree: 79bc7a62efe4018982d860342f32b4f8fdf52a1b
parent: e5b6bd73004acedaab6bf2a0edc00ba89b5e18db [diff]
diff --git a/example/dashboard_conf/conf.yaml b/example/dashboard_conf/conf.yaml
index a5a2f08..ea0b15d 100644
--- a/example/dashboard_conf/conf.yaml
+++ b/example/dashboard_conf/conf.yaml

@@ -44,6 +44,14 @@
         logs/access.log  # supports relative path, absolute path, standard output
                          # such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr
                          # log example: 2020-12-09T16:38:09.039+0800	INFO	filter/logging.go:46	/apisix/admin/routes/r1	{"status": 401, "host": "127.0.0.1:9000", "query": "asdfsafd=adf&a=a", "requestId": "3d50ecb8-758c-46d1-af5b-cd9d1c820156", "latency": 0, "remoteIP": "127.0.0.1", "method": "PUT", "errs": []}
+  security:
+      # access_control_allow_origin: "http://httpbin.org"
+      # access_control_allow_credentials: true          # support using custom cors configration
+      # access_control_allow_headers: "Authorization"
+      # access_control-allow_methods: "*"
+      # x_frame_options: "deny"
+      content_security_policy: "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src *"  # You can set frame-src to provide content for your grafana panel.
+
 authentication:
   secret:
     secret              # secret for jwt token generation.
commit	f38dd74b3ec5ff4a9f04773eb23189a11ae25e66	[log] [tgz]
author	donlinglok <6138806+donlinglok@users.noreply.github.com>	Wed Dec 28 09:08:28 2022 +0800
committer	GitHub <noreply@github.com>	Wed Dec 28 09:08:28 2022 +0800
tree	79bc7a62efe4018982d860342f32b4f8fdf52a1b
parent	e5b6bd73004acedaab6bf2a0edc00ba89b5e18db [diff]