diff options
author | Henk Verlinde <henk@ventizo.com> | 2022-06-21 17:54:37 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-06-21 17:54:37 +0300 |
commit | 0665aa1beeb5e2d6d7b4e7b775275eac67444fcc (patch) | |
tree | 5bd9dc15826874a5f79097eb8041e6282113190f | |
parent | b1dfb71f9020d471611c32d847a2c54410819718 (diff) | |
parent | 5f8399101e020cba70b2d2129d56bfb3a2773bf1 (diff) |
Merge pull request #788 from james-d-elliott/fix-csp
fix: csp invalid for global alert dismissal
-rw-r--r-- | layouts/index.headers | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/layouts/index.headers b/layouts/index.headers index 9ff86d8..62a645c 100644 --- a/layouts/index.headers +++ b/layouts/index.headers @@ -2,9 +2,9 @@ Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block - Content-Security-Policy: default-src 'self'; frame-ancestors https://jamstackthemes.dev; manifest-src 'self' https://*.netlify.app; connect-src 'self' https://*.netlify.app; font-src 'self' https://*.netlify.app; img-src 'self' https://*.netlify.app data:; script-src 'self' https://*.netlify.app 'sha512-RBYr6Ld4w1yVqaACrgrBLQfPgGhj/1jyacA74WxJ1KM6KVcSWymwrdDwb3HDcdpwiNJ5yssot1He0U9vXoQVlg==' 'sha256-aWZ3y/RxbBYKHXH0z8+8ljrHG1mSBvyzSfxSMjBSaXk=' 'sha256-vOgyKS2vkH4n5TxBJpeh9SgzrE6LVGsAeOAvEST6oCc='; style-src 'self' https://*.netlify.app 'unsafe-inline' + Content-Security-Policy: default-src 'self'; frame-ancestors https://jamstackthemes.dev; manifest-src 'self' https://*.netlify.app; connect-src 'self' https://*.netlify.app; font-src 'self' https://*.netlify.app; img-src 'self' https://*.netlify.app data:; script-src 'self' https://*.netlify.app 'sha512-RGGByJUOP98hE4wFZM78RM/3MijWJs0Tm0DbfrFhCDCXKXfDx60fii+syp5iMs3UcNX/1H4zJNgmqSejfhHrYw==' 'sha512-RBYr6Ld4w1yVqaACrgrBLQfPgGhj/1jyacA74WxJ1KM6KVcSWymwrdDwb3HDcdpwiNJ5yssot1He0U9vXoQVlg==' 'sha256-aWZ3y/RxbBYKHXH0z8+8ljrHG1mSBvyzSfxSMjBSaXk=' 'sha256-vOgyKS2vkH4n5TxBJpeh9SgzrE6LVGsAeOAvEST6oCc='; style-src 'self' https://*.netlify.app 'unsafe-inline' X-Frame-Options: SAMEORIGIN Referrer-Policy: strict-origin Feature-Policy: geolocation 'self' Cache-Control: public, max-age=31536000 - Access-Control-Allow-Origin: *
\ No newline at end of file + Access-Control-Allow-Origin: * |