From d69e95a01c254ed616b0c4e5a1f8bfdcec7b00fe Mon Sep 17 00:00:00 2001 From: Alan Pearce Date: Sat, 2 Sep 2023 10:38:26 +0200 Subject: Add content-security-policy header-equivalent meta tag --- templates/base.html | 1 + 1 file changed, 1 insertion(+) (limited to 'templates/base.html') diff --git a/templates/base.html b/templates/base.html index 4ba8442..02fdfe6 100644 --- a/templates/base.html +++ b/templates/base.html @@ -1,6 +1,7 @@ + {% include "security_tags.html" ignore missing %} {% include "favicon.html" ignore missing -%} -- cgit 1.4.1 From f51202d961e6d2337a96ef3552c4efced1fe2beb Mon Sep 17 00:00:00 2001 From: Alan Pearce Date: Sat, 9 Sep 2023 19:10:40 +0200 Subject: Allow end-user to disable CSP header meta tags without editing theme --- config.toml | 1 + templates/base.html | 8 ++++++-- theme.toml | 1 + 3 files changed, 8 insertions(+), 2 deletions(-) (limited to 'templates/base.html') diff --git a/config.toml b/config.toml index d2a8833..78e9f9a 100644 --- a/config.toml +++ b/config.toml @@ -20,6 +20,7 @@ highlight_code = true [extra] date_format="%d %b, %Y" +webserver_sends_csp_headers=true [[extra.main_menu]] name = "Bear" diff --git a/templates/base.html b/templates/base.html index 02fdfe6..ee206b3 100644 --- a/templates/base.html +++ b/templates/base.html @@ -1,7 +1,9 @@ - {% include "security_tags.html" ignore missing %} + {%- if config.webserver_sends_csp_headers %} + {%- include "security_tags.html" ignore missing %} + {%- endif %} {% include "favicon.html" ignore missing -%} @@ -13,7 +15,9 @@ {%- endblock -%} {%- endif %} - {% include "style.html" ignore missing -%} + {% include "custom_head.html" ignore missing -%} diff --git a/theme.toml b/theme.toml index 1bba50d..902c8ec 100644 --- a/theme.toml +++ b/theme.toml @@ -13,6 +13,7 @@ demo = "https://zola-bearblog.netlify.app/" # Use snake_casing to be consistent with the rest of Zola [extra] date_format="%d %b, %Y" +webserver_sends_csp_headers=false [author] name = "Alan Pearce" -- cgit 1.4.1