1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mastodon_ynh.git synced 2024-09-03 19:46:02 +02:00

[mod] Add CSP for security

This commit is contained in:
frju365 2018-08-25 00:26:40 +02:00 committed by GitHub
parent a05de14f3f
commit 8a29c1db52
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,6 +1,9 @@
# upload max size
client_max_body_size 100M;
# Content Security Policy : security to avoid launching unsecure script
add_header Content-Security-Policy "default-src 'none'; font-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' blob: data:; connect-src 'self' wss://$domain;";
# add to v1.4 assets
root __FINALPATH__/live/public;