From d10630da50a2b0e005ef0499190cc5cc898f0b06 Mon Sep 17 00:00:00 2001 From: Alan Pearce Date: Sat, 9 Sep 2023 19:11:07 +0200 Subject: Hash inline style in CSP openssl dgst -sha256 -binary < templates/style.html | openssl enc -base64 2Sbht7dvdhJX00j84akXy9AejYUf6sOM3OpwMxNiDXQ= --- netlify.toml | 2 +- templates/style.css.html | 169 ++++++++++++++++++++++++++++++++++++++++++++++ templates/style.html | 172 ----------------------------------------------- 3 files changed, 170 insertions(+), 173 deletions(-) create mode 100644 templates/style.css.html delete mode 100644 templates/style.html diff --git a/netlify.toml b/netlify.toml index b75399f..6be8468 100644 --- a/netlify.toml +++ b/netlify.toml @@ -22,4 +22,4 @@ command = "zola build --base-url $DEPLOY_PRIME_URL" X-XSS-Protection = "1; mode=block" Referrer-Policy = "strict-origin-when-cross-origin" Strict-Transport-Security = "max-age=63072000; includeSubdomains" - Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'; frame-ancestors 'none'" + Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'sha256-2Sbht7dvdhJX00j84akXy9AejYUf6sOM3OpwMxNiDXQ='; form-action 'none'; base-uri 'self'; frame-ancestors 'none'" diff --git a/templates/style.css.html b/templates/style.css.html new file mode 100644 index 0000000..00b4131 --- /dev/null +++ b/templates/style.css.html @@ -0,0 +1,169 @@ + body { + font-family: Verdana, sans-serif; + margin: auto; + padding: 20px; + max-width: 720px; + text-align: left; + background-color: #fff; + word-wrap: break-word; + overflow-wrap: break-word; + line-height: 1.5; + color: #444; + } + + h1, + h2, + h3, + h4, + h5, + h6, + strong, + b { + color: #222; + } + + a { + color: #3273dc; + } + + .title { + text-decoration: none; + border: 0; + } + + .title span { + font-weight: 400; + } + + nav a { + margin-right: 10px; + } + + textarea { + width: 100%; + font-size: 1rem; + } + + input { + font-size: 1rem; + } + + main,article { + line-height: 1.6; + } + + table { + width: 100%; + } + + img { + max-width: 100%; + } + + code { + padding: 2px 5px; + background-color: #f2f2f2; + } + + pre code { + color: #222; + display: block; + padding: 20px; + white-space: pre-wrap; + font-size: 0.875rem; + overflow-x: auto; + } + + div.highlight pre { + background-color: initial; + color: initial; + } + + div.highlight code { + background-color: unset; + color: unset; + } + + blockquote { + border-left: 1px solid #999; + color: #222; + padding-left: 20px; + font-style: italic; + } + + footer { + padding: 25px; + text-align: center; + } + + .helptext { + color: #777; + font-size: small; + } + + .errorlist { + color: #eba613; + font-size: small; + } + + /* blog posts */ + ul.blog-posts { + list-style-type: none; + padding: unset; + } + + ul.blog-posts li { + display: flex; + } + + ul.blog-posts li span { + flex: 0 0 130px; + } + + ul.blog-posts li a:visited { + color: #8b6fcb; + } + + @media (prefers-color-scheme: dark) { + body { + background-color: #333; + color: #ddd; + } + + h1, + h2, + h3, + h4, + h5, + h6, + strong, + b { + color: #eee; + } + + a { + color: #8cc2dd; + } + + code { + background-color: #777; + } + + pre code { + color: #ddd; + } + + blockquote { + color: #ccc; + } + + textarea, + input { + background-color: #252525; + color: #ddd; + } + + .helptext { + color: #aaa; + } + } diff --git a/templates/style.html b/templates/style.html deleted file mode 100644 index 4744695..0000000 --- a/templates/style.html +++ /dev/null @@ -1,172 +0,0 @@ - -- cgit 1.4.1