From 4f65d3f84d50933f923516e2a2e773f0dd924ce3 Mon Sep 17 00:00:00 2001
From: "to. sandra" <76515860+sandratoh@users.noreply.github.com>
Date: Wed, 13 Mar 2024 10:46:08 -0700
Subject: [PATCH 1/3] Update portal content security policy to allow from file storage source (#1506)
---
 portal-frontend/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/portal-frontend/nginx.conf b/portal-frontend/nginx.conf
index 45a82c19a0..09defec047 100644
--- a/portal-frontend/nginx.conf
+++ b/portal-frontend/nginx.conf
@@ -19,7 +19,7 @@ http {
 add_header 'X-XSS-Protection' '1; mode=block';
 add_header 'Strict-Transport-Security' 'max-age=31536000; includeSubDomains; preload';
 add_header 'Cache-control' 'no-cache';
- add_header 'Content-Security-Policy' "default-src 'self';img-src 'self';style-src 'unsafe-inline' 'self';connect-src $ENABLED_CONNECT_SRC; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com; base-uri 'self'; object-src 'none';";
+ add_header 'Content-Security-Policy' "default-src 'self';img-src 'self';style-src 'unsafe-inline' 'self';connect-src $ENABLED_CONNECT_SRC; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com; base-uri 'self'; object-src 'self' https://nrs.objectstore.gov.bc.ca;";
 add_header 'Permissions-Policy' 'camera=(), geolocation=(), microphone=()';
 add_header 'Referrer-Policy' 'same-origin';
From 26d59300859fdbead2d2f829bf18bde554312925 Mon Sep 17 00:00:00 2001
From: "to. sandra" <76515860+sandratoh@users.noreply.github.com>
Date: Wed, 13 Mar 2024 11:19:09 -0700
Subject: [PATCH 2/3] Update portal csp with frame-src (#1508)
---
 portal-frontend/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/portal-frontend/nginx.conf b/portal-frontend/nginx.conf
index 09defec047..8db9efc810 100644
--- a/portal-frontend/nginx.conf
+++ b/portal-frontend/nginx.conf
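Review bot: The `object-src` value on the added `Content-Security-Policy` line in PATCH 1/3 allowlists the whole host `https://nrs.objectstore.gov.bc.ca`, so anything served from that host may be loaded as `<object>`/`<embed>` content, not only this portal's files. If the object store is shared with other applications (not visible from this hunk), the source expression should carry the portal's own path prefix, e.g. `object-src 'self' https://nrs.objectstore.gov.bc.ca/<portal-bucket>/;`, where `<portal-bucket>` is a placeholder. The same host-wide allowance appears in the `object-src` and `frame-src` values of PATCH 2/3. Since this replaces the previous `object-src 'none'`, a `#` comment above the directive naming the feature that needs embedded documents would keep the relaxation from being widened later without context.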
@@ -19,7 +19,7 @@ http {
 add_header 'X-XSS-Protection' '1; mode=block';
 add_header 'Strict-Transport-Security' 'max-age=31536000; includeSubDomains; preload';
 add_header 'Cache-control' 'no-cache';
- add_header 'Content-Security-Policy' "default-src 'self';img-src 'self';style-src 'unsafe-inline' 'self';connect-src $ENABLED_CONNECT_SRC; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com; base-uri 'self'; object-src 'self' https://nrs.objectstore.gov.bc.ca;";
+ add_header 'Content-Security-Policy' "default-src 'self';img-src 'self';style-src 'unsafe-inline' 'self';connect-src $ENABLED_CONNECT_SRC; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com; base-uri 'self'; object-src https://nrs.objectstore.gov.bc.ca; frame-src https://nrs.objectstore.gov.bc.ca;";
 add_header 'Permissions-Policy' 'camera=(), geolocation=(), microphone=()';
 add_header 'Referrer-Policy' 'same-origin';
From 1dead8ba6ac10d81e6cc16b9ffe27fde97888067 Mon Sep 17 00:00:00 2001
From: Urmi Kataria
Date: Wed, 13 Mar 2024 11:28:49 -0700
Subject: [PATCH 3/3] fix noi email template
---
 .../templates/emails/submitted-to-alc/noi-applicant.template.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/services/templates/emails/submitted-to-alc/noi-applicant.template.ts b/services/templates/emails/submitted-to-alc/noi-applicant.template.ts
index 4426caa3dd..0601101c0a 100644
--- a/services/templates/emails/submitted-to-alc/noi-applicant.template.ts
+++ b/services/templates/emails/submitted-to-alc/noi-applicant.template.ts
@@ -34,7 +34,7 @@ const template = ` - Application Type + NOI Type ALC Portion of Fee ${noiFees
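Review bot: On the added `Content-Security-Policy` line in PATCH 2/3, `object-src` still allows the object store even though the allowance is now also granted through `frame-src`. If the document viewer embeds files with an `<iframe>` (inferred from the commit title, not visible in this hunk), `object-src` can go back to its earlier value: `object-src 'none'; frame-src https://nrs.objectstore.gov.bc.ca;`. The framed files are presumably user uploads, so the embedding `<iframe>` should carry a `sandbox` attribute. The store should also serve each file with its real `Content-Type` and `X-Content-Type-Options: nosniff`, so that an uploaded HTML file cannot render active content inside the portal page.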