Not able to add CSP Headers with single quotes

[omeryesil]

Issue We are not able to add CSP headers that contains single quotes. Example: nginx.ingress.kubernetes.io/configuration-snippet: > more_set_headers "Content-Security-Policy: upgrade-insecure-requests;default-src 'self';" ; ...

I did remove ' from annotation-value-word-blocklist in nginx configmap, but it keeps getting reverted to default values after restarting nginx deployment.

I do understand single quote is blocked because of security, but, I couldn't find another way to add CSP header.

Proposal We should be able to overwrite nginx configmap.