diff options
author | Henk Verlinde <henk@ventizo.com> | 2022-06-30 15:24:36 +0300 |
---|---|---|
committer | Henk Verlinde <henk@ventizo.com> | 2022-06-30 15:24:36 +0300 |
commit | 3cacbdd2a538f8ac3a40e37746993fa88374628c (patch) | |
tree | 9a4c8d98195827d7bf42c60a0bb886778eb323bf | |
parent | 06642ce056b59a77eb78fb1f108836216dbe504d (diff) |
config: update content security header
-rw-r--r-- | layouts/index.headers | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/layouts/index.headers b/layouts/index.headers index 62a645c..a44c93a 100644 --- a/layouts/index.headers +++ b/layouts/index.headers @@ -2,7 +2,7 @@ Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block - Content-Security-Policy: default-src 'self'; frame-ancestors https://jamstackthemes.dev; manifest-src 'self' https://*.netlify.app; connect-src 'self' https://*.netlify.app; font-src 'self' https://*.netlify.app; img-src 'self' https://*.netlify.app data:; script-src 'self' https://*.netlify.app 'sha512-RGGByJUOP98hE4wFZM78RM/3MijWJs0Tm0DbfrFhCDCXKXfDx60fii+syp5iMs3UcNX/1H4zJNgmqSejfhHrYw==' 'sha512-RBYr6Ld4w1yVqaACrgrBLQfPgGhj/1jyacA74WxJ1KM6KVcSWymwrdDwb3HDcdpwiNJ5yssot1He0U9vXoQVlg==' 'sha256-aWZ3y/RxbBYKHXH0z8+8ljrHG1mSBvyzSfxSMjBSaXk=' 'sha256-vOgyKS2vkH4n5TxBJpeh9SgzrE6LVGsAeOAvEST6oCc='; style-src 'self' https://*.netlify.app 'unsafe-inline' + Content-Security-Policy: default-src 'self'; frame-ancestors https://jamstackthemes.dev; manifest-src 'self' https://*.netlify.app; connect-src 'self' https://*.netlify.app; font-src 'self' https://*.netlify.app; img-src 'self' https://*.netlify.app data: https://i.giphy.com; script-src 'self' https://*.netlify.app 'sha512-RGGByJUOP98hE4wFZM78RM/3MijWJs0Tm0DbfrFhCDCXKXfDx60fii+syp5iMs3UcNX/1H4zJNgmqSejfhHrYw==' 'sha512-RBYr6Ld4w1yVqaACrgrBLQfPgGhj/1jyacA74WxJ1KM6KVcSWymwrdDwb3HDcdpwiNJ5yssot1He0U9vXoQVlg==' 'sha256-aWZ3y/RxbBYKHXH0z8+8ljrHG1mSBvyzSfxSMjBSaXk=' 'sha256-vOgyKS2vkH4n5TxBJpeh9SgzrE6LVGsAeOAvEST6oCc='; style-src 'self' https://*.netlify.app 'unsafe-inline' X-Frame-Options: SAMEORIGIN Referrer-Policy: strict-origin Feature-Policy: geolocation 'self' |