YunoHost-Apps/mastodon_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mastodon_ynh.git synced 2024-09-03 19:46:02 +02:00
Code Issues Activity Actions

[mod] Add CSP for security

Browse source
This commit is contained in:
frju365 2018-08-25 00:26:40 +02:00 committed by GitHub
parent a05de14f3f
commit 8a29c1db52
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
conf/nginx.conf
View file

@ -1,6 +1,9 @@
# upload max size
client_max_body_size 100M;
# Content Security Policy : security to avoid launching unsecure script
add_header Content-Security-Policy "default-src 'none'; font-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' blob: data:; connect-src 'self' wss://$domain;";
# add to v1.4 assets
root __FINALPATH__/live/public;