Minor htaccess changes

1 files changed, 2 insertions, 3 deletions

diff --git a/static/.htaccess b/static/.htaccess
index 132e09e..c2a3615 100644
--- a/static/.htaccess
+++ b/static/.htaccess
@@ -22,13 +22,13 @@ ErrorDocument 404 /404.html
 # HSTS
 Header set Strict-Transport-Security "max-age=31536000"
 # Block site from being framed with X-Frame-Options and CSP
-#Header set Content-Security-Policy "frame-ancestors 'self';"
+# Header set Content-Security-Policy "frame-ancestors 'self';"
 Header append X-Frame-Options: DENY
 # Prevent browsers from incorrectly detecting non-scripts as scripts
 Header append X-Content-Type-Options: nosniff
 # Content Security Policy
 # Don't implement the above policy yet; instead just report violations that would have occured
-#Header set Content-Security-Policy-Report-Only: "default-src https: 'unsafe-eval' 'unsafe-inline' data:; img-src * data:; object-src 'none'; frame-src 'self' *.google.de google.de *.google.com google.com; font-src * https: data:; frame-ancestors 'self';"
+# Header set Content-Security-Policy-Report-Only: "default-src https: 'unsafe-eval' 'unsafe-inline' data:; img-src * data:; object-src 'none'; frame-src 'self' *.google.de google.de *.google.com google.com; font-src * https: data:; frame-ancestors 'self';"
 Header set Content-Security-Policy: "default-src https: 'unsafe-eval' 'unsafe-inline' data:; img-src * data:; object-src 'none'; frame-src 'self' *.google.de google.de *.google.com google.com; font-src * data:; frame-ancestors 'self';"
 
 # Active GZIP compression
@@ -58,7 +58,6 @@ SetOutputFilter DEFLATE
 
 # Browser Caching
 <IfModule mod_expires.c>
-
 	ExpiresActive on
 	ExpiresDefault                                    "access plus 1 month"