I would like to have S3 bucked stored Single Page Application and its backend in the same domain. Now I am using ALB Listeners configuration to serve a fixed response for my index.html
(by path). The default rule poits to a Target Group hosting my Java backend. Thanks to multiple Content-Security-Policy entries in the index file I am very close to reach 1024 characters limit. Do you know any way to avoid that? My index.html
looks more or less like this:
<!doctype html><html lang="en">
<head>
<base href="/">
<meta charset="utf-8">
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' https://xxx.s3.eu-central-1.amazonaws.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/">
<meta name="viewport" content='width=device-width, initial-scale=1, maximum-scale=1, minimal-ui'>
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
<link rel='icon' href='/favicon.ico'></head>
<body>
<xxx-root>
</xxx-root>
<script src="https://xxx.s3.eu-central-1.amazonaws.com/runtime.js.gz" defer></script>
</body>
</html>