elgit — website (cf38b8d92bde6dd349f286ccfff4a77db9513b50): config.toml

make Content-Security-Policy stricter

Alan Pearce 11 months ago

commit

cf38b8d92bde6dd349f286ccfff4a77db9513b50

parent

200701c1bddae4b9a854579ced35cb6aa325ad63

1 file changed, 9 insertions(+), 3 deletions(-)

changed files

config.toml

M config.toml → config.toml

@@ -18,16 +18,22 @@ [content-security-policy]
   default-src = [
     "'none'",
   ]
+  form-action = [
+    "'none'",
+  ]
+  base-uri = [
+    "'none'",
+  ]
   image-src = [
     "'self'",
-    "http://gc.zgo.at",
+    "https://gc.zgo.at",
   ]
   script-src = [
     "'self'",
-    "http://gc.zgo.at",
+    "https://gc.zgo.at",
   ]
   style-src = [
-    "'unsafe-inline'",
+    "'sha256-+7qCR9+91EXRy0dbbyuh8KDyQUJwTewM/EPr4b/IKoE='",
   ]
   frame-ancestors = [
     "https://kagi.com",

all repos — website @ cf38b8d92bde6dd349f286ccfff4a77db9513b50

My website

make Content-Security-Policy stricter