summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorAlan Pearce2023-09-05 21:11:11 +0200
committerAlan Pearce2023-09-05 21:12:22 +0200
commitf8ee173f8c1703727d276a6c7a9f6d80b5dbb5e2 (patch)
tree5e5e1d0ba4d96826da5fbce0bd4b50833b486c8f
parent3e93a2c34c676bcebd943e049f16d32bbac0a1bd (diff)
downloadwebsite-f8ee173f8c1703727d276a6c7a9f6d80b5dbb5e2.tar.lz
website-f8ee173f8c1703727d276a6c7a9f6d80b5dbb5e2.tar.zst
website-f8ee173f8c1703727d276a6c7a9f6d80b5dbb5e2.zip
Add content-security-policy headers
-rw-r--r--Caddyfile2
1 files changed, 2 insertions, 0 deletions
diff --git a/Caddyfile b/Caddyfile
index d0ede2a..f06dbce 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -30,6 +30,7 @@ http://aln.pe {
 		Cache-Control max-age=86400
 		X-Content-Type-Options nosniff
 		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+		Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'"
 	}
 
 	redir /pronouns https://en.pronouns.page/@alanpearce
@@ -49,6 +50,7 @@ http://alanpearce.eu {
 		Cache-Control max-age=14400
 		X-Content-Type-Options nosniff
 		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+		Content-Security-Policy "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'"
 	}
 	handle_errors {
 		@404 expression `{err.status_code} == 404`