Table of Contents |
---|
...
/usr/local/omk/bin/opcommon-cli.exe act=secrets_randomise [force=true] [length=N]
Where:
force=true
will change the token even if this is not the default (Like =~ change_me)length=N
will force the token length to N (32 by default)
...
The default values can be overwritten by setting the configuration item security_content_policy under the authentication section in the configuration file, opCommon.json.
...
Code Block |
---|
"connect-src 'self' opmantek.com community.opmantek.com services.opmantek.com maps.googleapis.com ws: wss: maps.google.com maps.gstatic.com; font-src 'self' fonts.gstatic.com; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' maps.googleapis.com maps.google.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; worker-src 'self';" |
...
For example, if you want to include one of the Opmantek FirstWave applications in an iFrame, you would need to include directives for frame-ancestors and frame-src, e.g.
...
Code Block |
---|
"security_content_policy": "connect-src 'self' opmantek.com community.opmantek.com services.opmantek.com maps.googleapis.com ws: wss: maps.google.com maps.gstatic.com;
font-src 'self' fonts.gstatic.com;
form-action 'self';
frame-ancestors https://*.yourdomain.com;
frame-src https://*.yourdomain.com;
manifest-src 'none';
media-src 'none';
object-src 'none';
prefetch-src 'self';
script-src 'self' 'unsafe-eval' 'unsafe-inline' maps.googleapis.com maps.google.com;
style-src 'self' fonts.googleapis.com 'unsafe-inline';
worker-src 'self';" |
...