diff options
| author | Alan Pearce | 2024-05-29 01:05:26 +0200 |
|---|---|---|
| committer | Alan Pearce | 2024-05-29 01:05:26 +0200 |
| commit | 2bdbb8c53d9d8187741cd940af5d514cbd1f1a79 (patch) | |
| tree | ee6c98ffd3ac929e6cac7a9f54675fa295f5d3ce | |
| parent | e09e938cea1073e117a5ecd048f7f3f0969207dc (diff) | |
| download | zola-bearblog-2bdbb8c53d9d8187741cd940af5d514cbd1f1a79.tar.lz zola-bearblog-2bdbb8c53d9d8187741cd940af5d514cbd1f1a79.tar.zst zola-bearblog-2bdbb8c53d9d8187741cd940af5d514cbd1f1a79.zip | |
document updating style-src value
| -rw-r--r-- | netlify.toml | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/netlify.toml b/netlify.toml index ad921ed..6b9b76c 100644 --- a/netlify.toml +++ b/netlify.toml @@ -24,4 +24,12 @@ X-Content-Type-Options = "nosniff" X-XSS-Protection = "1; mode=block" Referrer-Policy = "strict-origin-when-cross-origin" Strict-Transport-Security = "max-age=63072000; includeSubdomains" +# To update the style-src value, run one of the following commands: +# linux (coreutils) +# cksum --algorithm sha256 --base64 < templates/style.css.html | cut -d' ' -f 4 +# macOS (should also work on linux if xxd is installed) +# shasum --algorithm 256 templates/style.css.html | cut -d' ' -f 1 | xxd -r -p | base64 +# if nothing else works +# openssl dgst -sha256 -binary < templates/style.css.html | openssl enc -base64 +# and paste the output after sha256- Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'sha256-KOMZEackHZgE4VhODEG7gEiJLdQZogO6BfMk+c0NWoM='; form-action 'none'; base-uri 'self'; frame-ancestors 'none'" |