feat: make security headers stricter

author: Alan Pearce 2024-05-30 14:01:35 +0200
committer: Alan Pearce 2024-05-30 14:01:35 +0200
commit: b53769462bf830f860b7d741a3d0801afdbc9aa2 (patch)
tree: 1cdfffca23900dcf54cfa1f78e6012a73221a042 /internal/config/config.go
parent: 4698a97974ae82e7bd8592828c58294b222a58ff (diff)
download: searchix-b53769462bf830f860b7d741a3d0801afdbc9aa2.tar.lz
searchix-b53769462bf830f860b7d741a3d0801afdbc9aa2.tar.zst
searchix-b53769462bf830f860b7d741a3d0801afdbc9aa2.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/internal/config/config.go b/internal/config/config.go
index 81c5f3c..c8739f0 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -117,6 +117,11 @@ func GetConfig(filename string) (*Config, error) {
 		}
 	}
 
+	config.Web.ContentSecurityPolicy.ScriptSrc = append(
+		config.Web.ContentSecurityPolicy.ScriptSrc,
+		config.Web.BaseURL.JoinPath("/static/").String(),
+	)
+
 	maps.DeleteFunc(config.Importer.Sources, func(_ string, v *Source) bool {
 		return !v.Enable
 	})
author	Alan Pearce	2024-05-30 14:01:35 +0200
committer	Alan Pearce	2024-05-30 14:01:35 +0200
commit	b53769462bf830f860b7d741a3d0801afdbc9aa2 (patch)
tree	1cdfffca23900dcf54cfa1f78e6012a73221a042 /internal/config/config.go
parent	4698a97974ae82e7bd8592828c58294b222a58ff (diff)
download	searchix-b53769462bf830f860b7d741a3d0801afdbc9aa2.tar.lz searchix-b53769462bf830f860b7d741a3d0801afdbc9aa2.tar.zst searchix-b53769462bf830f860b7d741a3d0801afdbc9aa2.zip