authorAlan Pearce2023-09-09 19:11:07 +0200
committerAlan Pearce2023-09-09 19:11:07 +0200
commitd10630da50a2b0e005ef0499190cc5cc898f0b06 (patch)
treed6f8a479ef106f7c93a82f970cc34456effece61
parentf51202d961e6d2337a96ef3552c4efced1fe2beb (diff)
Hash inline style in CSP
openssl dgst -sha256 -binary < templates/style.html | openssl enc -base64
2Sbht7dvdhJX00j84akXy9AejYUf6sOM3OpwMxNiDXQ=
-rw-r--r--netlify.toml2
-rw-r--r--templates/style.css.html (renamed from templates/style.html)3
2 files changed, 1 insertions, 4 deletions
diff --git a/netlify.toml b/netlify.toml
index b75399f..6be8468 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -22,4 +22,4 @@ command = "zola build --base-url $DEPLOY_PRIME_URL"
     X-XSS-Protection = "1; mode=block"
     Referrer-Policy = "strict-origin-when-cross-origin"
     Strict-Transport-Security = "max-age=63072000; includeSubdomains"
-    Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"
+    Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'sha256-2Sbht7dvdhJX00j84akXy9AejYUf6sOM3OpwMxNiDXQ='; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"
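Review bot: The `style-src` hash on the new Content-Security-Policy line is a hand-computed value, and nothing in netlify.toml records how to regenerate it, so a later edit to the stylesheet will leave the page unstyled because the browser blocks a `<style>` element whose hash does not match. I would add a comment above the header such as `# style-src hash: openssl dgst -sha256 -binary < templates/style.css.html | openssl enc -base64 (re-run after every CSS change)`. The hash has to match the bytes between `<style>` and `</style>` in the served HTML exactly, whitespace included, and this diff does not show where the wrapper tags now live, so it is worth verifying against the deployed page, particularly if HTML minification is ever enabled. Also note that a hash source does not cover inline `style=""` attributes, which the previous `'unsafe-inline'` did allow.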
diff --git a/templates/style.html b/templates/style.css.html
index 4744695..00b4131 100644
--- a/templates/style.html
+++ b/templates/style.css.html
@@ -1,4 +1,3 @@
-<style>
   body {
     font-family: Verdana, sans-serif;
     margin: auto;
@@ -168,5 +167,3 @@
       color: #aaa;
     }
   }
-
-</style>