| author | Serghei Iakovlev <egrep@protonmail.ch> | 2024-04-15 00:12:21 +0200 |
|---|---|---|
| committer | Serghei Iakovlev <egrep@protonmail.ch> | 2024-04-15 08:59:13 +0200 |
| commit | 608b6a8af84f50f7987ffc840c16a814cebeb4ea (patch) | |
| tree | 56164db7013b0fa60ed3e4243872a2bb48991fc7 | |
| parent | ed370f667e3fbe55924bdac65059a32c6fae60e7 (diff) | |
| download | gohugo-theme-ed-608b6a8af84f50f7987ffc840c16a814cebeb4ea.tar.gz | |
Update Content-Security-Policy for netlify
| -rw-r--r-- | netlify-preview.js | 18 | ||||
| -rw-r--r-- | netlify.toml | 6 |
2 files changed, 12 insertions, 12 deletions
diff --git a/netlify-preview.js b/netlify-preview.js
index 5b37433..5400d48 100644
--- a/netlify-preview.js
+++ b/netlify-preview.js
@@ -21,22 +21,22 @@ fs.readFile(path.resolve(__dirname, netlifyConfig), 'utf8', (err, data) => {
 // <- default-src 'self' blob:;
 line = line.replace(/(default-src) ('self')(;)/, '$1 $2 blob:$3');
- // -> style-src 'self' cdn.hypothes.is;
- // <- style-src 'self' 'unsafe-inline' cdn.hypothes.is;
- line = line.replace(/(style-src) ('self') (cdn\.hypothes\.is)(;)/, '$1 $2 $3 \'unsafe-inline\'$4');
+ // -> style-src 'self' cdn.hypothes.is giscus.app;
+ // <- style-src 'self' 'unsafe-inline' cdn.hypothes.is giscus.app;
+ line = line.replace(/(style-src) ('self') (cdn\.hypothes\.is giscus\.app)(;)/, '$1 $2 $3 \'unsafe-inline\'$4');
 // -> media-src 'self';
 // <- media-src 'self' blob: https://app.netlify.com;
 line = line.replace(/(media-src) ('self')(;)/, '$1 $2 blob: https://app.netlify.com$3');
- // -> frame-src hypothes.is;
- // <- frame-src hypothes.is app.netlify.com;
- line = line.replace(/(frame-src) (hypothes\.is)(;)/, '$1 $2 app.netlify.com$3');
+ // -> frame-src hypothes.is giscus.app;
+ // <- frame-src hypothes.is giscus.app app.netlify.com;
+ line = line.replace(/(frame-src) (hypothes\.is giscus\.app)(;)/, '$1 $2 app.netlify.com$3');
- // -> script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is;
- // <- script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is netlify-cdp-loader.netlify.app;
+ // -> script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is giscus.app;
+ // <- script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is giscus.app netlify-cdp-loader.netlify.app;
 line = line.replace(
- /(script-src) ('self' www\.googletagmanager\.com hypothes\.is cdn\.hypothes\.is)(;)/,
+ /(script-src) ('self' www\.googletagmanager\.com hypothes\.is cdn\.hypothes\.is giscus\.app)(;)/,
 '$1 $2 netlify-cdp-loader.netlify.app$3'
 );
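Review bot: The three updated regexes still match the exact source list written in netlify.toml, so any later edit to `style-src`, `frame-src` or `script-src` there turns the matching `replace` into a silent no-op and the rewritten policy is emitted without the intended additions. Capturing whatever list is present would decouple the two files, e.g. `line = line.replace(/(frame-src) ([^;]+)(;)/, '$1 $2 app.netlify.com$3');`, and the same shape for the other two directives. The `// <-` comment for `style-src` also shows `'unsafe-inline'` before the hosts while the replacement string appends it after them; the policy meaning is the same, but the comment should show the real output. The enclosing `fs.readFile` callback starts and ends outside the hunk, so whether a non-matching line is detected elsewhere cannot be seen from here.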
diff --git a/netlify.toml b/netlify.toml
index 55134eb..fc355f0 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -88,14 +88,14 @@
 # (including inline scripts and event-handling HTML attributes).
 Content-Security-Policy = """
 default-src 'self';
- script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is;
- style-src 'self' cdn.hypothes.is;
+ script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is giscus.app;
+ style-src 'self' cdn.hypothes.is giscus.app;
 img-src 'self' data: *.google-analytics.com www.googletagmanager.com www.gstatic.com stats.g.doubleclick.net;
 font-src 'self';
 connect-src 'self' *.google-analytics.com *.analytics.google.com analytics.google.com www.googletagmanager.com stats.g.doubleclick.net;
 media-src 'self';
 object-src 'self';
- frame-src hypothes.is;
+ frame-src hypothes.is giscus.app;
 worker-src 'self';
 frame-ancestors 'none';
 form-action 'self' submit-form.com; |
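Review bot: The new `giscus.app` entry in `script-src` allow-lists every script that host serves, which is wider than an embed loader needs. If the theme only loads the giscus client script, a path-scoped source with an explicit scheme, such as `https://giscus.app/client.js`, keeps the script allow-list tighter; confirm this against how the theme actually includes giscus. The `style-src` addition may not be needed at all if giscus loads its stylesheets inside its own iframe, since that document is governed by the frame's policy rather than this one, so it is worth checking the browser console with the entry removed. A short comment above the policy recording which feature each third-party host serves would make later pruning safer. The policy string continues past the end of the hunk.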
