rooty/Qware_core
0
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed Content-Security-Policy rules for script-src and style-src

Browse Source
This commit is contained in:
Rooty 2021-04-11 03:03:15 +02:00
parent d19fac15fe
commit c42e882ffa
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.htaccess
View File

@ -35,7 +35,7 @@ Options -Indexes
Header always set Permissions-Policy "geolocation=(self);midi=(self);microphone=(self);camera=(self);fullscreen=(self);payment=()"
Header onsuccess unset Content-Security-Policy
Header always set Content-Security-Policy: default-src 'none'; script-src 'self'
Header always set Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; img-src https:; font-src https:; form-action https:;"
SetEnv modHeadersAvailable true
</IfModule>