Nginx allow secure websocket connections

This changes the nginx configuration so the HTTP response headers
for the phosphor-webui web applicaton will allow wss (secure
WebSocket) connections back to the host.  This is needed for the
Serial Over Lan (SOL) function.

A recent fix used Content-Security-Policy default-src 'self'
which unfortunately does not allow to wss connections.  For
details see https://github.com/openbmc/openbmc/issues/3409

Tested: The web app SOL function works

Resolves: openbmc/openbmc#3409

Change-Id: Ie8d76ab109910427d4627d76633bc5f75a34f821
Signed-off-by: Joseph Reynolds <jrey@us.ibm.com>
diff --git a/recipes-httpd/nginx/files/nginx.conf b/recipes-httpd/nginx/files/nginx.conf
index be7faf9..befe986 100644
--- a/recipes-httpd/nginx/files/nginx.conf
+++ b/recipes-httpd/nginx/files/nginx.conf
@@ -88,7 +88,7 @@
                 add_header X-Frame-Options deny;
                 add_header X-XSS-Protection "1; mode=block";
                 add_header X-Content-Type-Options nosniff;
-                add_header Content-Security-Policy "frame-ancestors 'none'; default-src 'self' 'unsafe-eval' 'unsafe-inline'";
+                add_header Content-Security-Policy "frame-ancestors 'none'; default-src 'self' wss: 'unsafe-eval' 'unsafe-inline'";
                 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
                 add_header Cache-Control "no-store,no-cache";
                 add_header Pragma "no-cache";