diff options
| author | Serghei Iakovlev <egrep@protonmail.ch> | 2022-07-24 20:34:30 +0200 |
|---|---|---|
| committer | Serghei Iakovlev <egrep@protonmail.ch> | 2022-07-24 20:34:30 +0200 |
| commit | 7170ca5dfd7945474c64a737d9cbd0b6d92a5951 (patch) | |
| tree | 20488ba6915211558bc7eba03be52c2273b12c9f | |
| parent | d735b4c84034db7032b68886c770bcbd3594b6e8 (diff) | |
| download | gohugo-theme-ed-7170ca5dfd7945474c64a737d9cbd0b6d92a5951.tar.gz | |
Correct CSP header
| -rw-r--r-- | netlify-pr.go | 6 | ||||
| -rw-r--r-- | netlify.toml | 2 |
2 files changed, 4 insertions, 4 deletions
diff --git a/netlify-pr.go b/netlify-pr.go index 6e6eb54..e232627 100644 --- a/netlify-pr.go +++ b/netlify-pr.go @@ -47,9 +47,9 @@ func main() { repStr = "${1} app.netlify.com${3}" newStr = reStr.ReplaceAllString(newStr, repStr) - // -> script-src 'self' www.googletagmanager.com hypothes.is; - // <- script-src 'self' www.googletagmanager.com hypothes.is netlify-cdp-loader.netlify.app; - reStr = regexp.MustCompile(`(script-src) ('self' www\.googletagmanager\.com hypothes\.is)(;)`) + // -> script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is; + // <- script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is netlify-cdp-loader.netlify.app; + reStr = regexp.MustCompile(`(script-src) ('self' www\.googletagmanager\.com hypothes\.is cdn\.hypothes\.is)(;)`) repStr = "${1} ${2} netlify-cdp-loader.netlify.app${3}" newStr = reStr.ReplaceAllString(newStr, repStr) diff --git a/netlify.toml b/netlify.toml index f3b429b..08a2b00 100644 --- a/netlify.toml +++ b/netlify.toml @@ -89,7 +89,7 @@ # (including inline scripts and event-handling HTML attributes). Content-Security-Policy = """ default-src 'self'; - script-src 'self' www.googletagmanager.com hypothes.is; + script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is; style-src 'self'; img-src 'self' data: *.google-analytics.com www.googletagmanager.com www.gstatic.com stats.g.doubleclick.net; font-src 'self'; |