diff options
author | Julien Dessaux | 2023-10-01 22:43:00 +0200 |
---|---|---|
committer | Julien Dessaux | 2023-09-30 23:29:19 +0200 |
commit | 8d25e818d644091cafff16ec2d98b0adf442cb15 (patch) | |
tree | a430214f93ec0c5b59484b77f6448831ece8265d /deploy | |
parent | Added nixos getting started blog article (diff) | |
download | www-8d25e818d644091cafff16ec2d98b0adf442cb15.tar.gz www-8d25e818d644091cafff16ec2d98b0adf442cb15.tar.bz2 www-8d25e818d644091cafff16ec2d98b0adf442cb15.zip |
Fixed CSP
Diffstat (limited to 'deploy')
-rw-r--r-- | deploy/headers_secure.conf | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/deploy/headers_secure.conf b/deploy/headers_secure.conf index 71b52e1..6dfc381 100644 --- a/deploy/headers_secure.conf +++ b/deploy/headers_secure.conf @@ -4,7 +4,7 @@ add_header X-XSS-Protection "1; mode=block"; add_header X-Content-Type-Options nosniff; add_header Referrer-Policy strict-origin; add_header Cache-Control no-transform; -add_header Content-Security-Policy "script-src 'self'"; +add_header Content-Security-Policy "script-src 'unsafe-inline'"; add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()"; # 6 months HSTS pinning add_header Strict-Transport-Security max-age=16000000; |