Hash inline style in CSP openssl dgst -sha256 -binary < templates/style.html | openssl enc -base64 2Sbht7dvdhJX00j84akXy9AejYUf6sOM3OpwMxNiDXQ=

Alan Pearce 2 years ago

commit

d10630da50a2b0e005ef0499190cc5cc898f0b06

parent

f51202d961e6d2337a96ef3552c4efced1fe2beb

2 files changed, 1 insertion(+), 4 deletions(-)

jump to

netlify.toml
templates/style.css.html

M netlify.toml → netlify.toml

@@ -22,4 +22,4 @@ X-Content-Type-Options = "nosniff"
     X-XSS-Protection = "1; mode=block"
     Referrer-Policy = "strict-origin-when-cross-origin"
     Strict-Transport-Security = "max-age=63072000; includeSubdomains"
-    Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"
+    Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'sha256-2Sbht7dvdhJX00j84akXy9AejYUf6sOM3OpwMxNiDXQ='; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"

M templates/style.html → templates/style.css.html

@@ -1,4 +1,3 @@
-<style>
   body {
     font-family: Verdana, sans-serif;
     margin: auto;
@@ -168,5 +167,3 @@ .helptext {
       color: #aaa;
     }
   }
-
-</style>

all repos — zola-bearblog @ d10630da50a2b0e005ef0499190cc5cc898f0b06

Port of bear blog theme to zola

Hash inline style in CSP openssl dgst -sha256 -binary < templates/style.html | openssl enc -base64 2Sbht7dvdhJX00j84akXy9AejYUf6sOM3OpwMxNiDXQ=