summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorAlan Pearce2023-09-08 06:41:16 +0200
committerAlan Pearce2023-09-08 06:41:16 +0200
commitb2c15923b33fa65bffe8a5eaef869e6b66d70078 (patch)
tree483b636bd87d56d0eee8f7db12b873f29d2cc87d
parentbfd9de8db4cf32a8ba71402deb113a30a4e9b739 (diff)
downloadwebsite-b2c15923b33fa65bffe8a5eaef869e6b66d70078.tar.lz
website-b2c15923b33fa65bffe8a5eaef869e6b66d70078.tar.zst
website-b2c15923b33fa65bffe8a5eaef869e6b66d70078.zip
Allow site to be displayed in an iframe
-rw-r--r--Caddyfile6
1 files changed, 3 insertions, 3 deletions
diff --git a/Caddyfile b/Caddyfile
index ff6b07d..d234c87 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -25,7 +25,7 @@ http://www.alanpearce.eu {
 		Cache-Control max-age=31536000
 		X-Content-Type-Options nosniff
 		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
-		Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'"
+		Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'"
 	}
 	redir https://alanpearce.eu{uri} permanent
 }
@@ -35,7 +35,7 @@ http://aln.pe {
 		Cache-Control max-age=86400
 		X-Content-Type-Options nosniff
 		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
-		Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'"
+		Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'"
 	}
 
 	redir /pronouns https://en.pronouns.page/@alanpearce
@@ -55,7 +55,7 @@ http://alanpearce.eu {
 		Cache-Control max-age=14400
 		X-Content-Type-Options nosniff
 		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
-		Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'"
+		Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'"
 	}
 	handle_errors {
 		@404 expression `{err.status_code} == 404`