Text prod headers fix 2 electric boogaloo
parent
d32ef2db66
commit
0f53356f4c
|
@ -12,4 +12,13 @@
|
||||||
# content security policy
|
# content security policy
|
||||||
# style-src 'unsafe-inline': syntax highlighting in codefences
|
# style-src 'unsafe-inline': syntax highlighting in codefences
|
||||||
# sandbox allow-popups: enable target="_blank" links to open in new tabs
|
# sandbox allow-popups: enable target="_blank" links to open in new tabs
|
||||||
Content-Security-Policy: default-src 'none';
|
Content-Security-Policy: default-src 'none'
|
||||||
|
Content-Security-Policy: img-src 'self' https://mat.services https://stats.mat.services
|
||||||
|
Content-Security-Policy: style-src 'self' https://mat.services 'unsafe-inline'
|
||||||
|
Content-Security-Policy: font-src 'self' https://mat.services
|
||||||
|
Content-Security-Policy: script-src 'self' https://mat.services https://stats.mat.services
|
||||||
|
Content-Security-Policy: form-action 'none'
|
||||||
|
Content-Security-Policy: frame-ancestors 'none'
|
||||||
|
Content-Security-Policy: base-uri 'none'
|
||||||
|
Content-Security-Policy: upgrade-insecure-requests
|
||||||
|
Content-Security-Policy: sandbox allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox
|
||||||
|
|
Loading…
Reference in New Issue