From 2bdbb8c53d9d8187741cd940af5d514cbd1f1a79 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Wed, 29 May 2024 01:05:26 +0200
Subject: document updating style-src value

---
 netlify.toml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/netlify.toml b/netlify.toml
index ad921ed..6b9b76c 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -24,4 +24,12 @@ X-Content-Type-Options = "nosniff"
 X-XSS-Protection = "1; mode=block"
 Referrer-Policy = "strict-origin-when-cross-origin"
 Strict-Transport-Security = "max-age=63072000; includeSubdomains"
+# To update the style-src value, run one of the following commands:
+# linux (coreutils)
+# cksum --algorithm sha256 --base64 < templates/style.css.html | cut -d' ' -f 4
+# macOS (should also work on linux if xxd is installed)
+# shasum --algorithm 256 templates/style.css.html | cut -d' ' -f 1 | xxd -r -p | base64
+# if nothing else works
+# openssl dgst -sha256 -binary < templates/style.css.html | openssl enc -base64
+# and paste the output after sha256-
 Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'sha256-KOMZEackHZgE4VhODEG7gEiJLdQZogO6BfMk+c0NWoM='; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"
-- 
cgit 1.4.1