diff options
| author | Serghei Iakovlev <egrep@protonmail.ch> | 2024-04-15 00:12:21 +0200 |
|---|---|---|
| committer | Serghei Iakovlev <egrep@protonmail.ch> | 2024-04-15 08:59:13 +0200 |
| commit | 608b6a8af84f50f7987ffc840c16a814cebeb4ea (patch) | |
| tree | 56164db7013b0fa60ed3e4243872a2bb48991fc7 /netlify.toml | |
| parent | ed370f667e3fbe55924bdac65059a32c6fae60e7 (diff) | |
| download | gohugo-theme-ed-608b6a8af84f50f7987ffc840c16a814cebeb4ea.tar.gz | |
Update Content-Security-Policy for netlify
Diffstat (limited to 'netlify.toml')
| -rw-r--r-- | netlify.toml | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/netlify.toml b/netlify.toml index 55134eb..fc355f0 100644 --- a/netlify.toml +++ b/netlify.toml @@ -88,14 +88,14 @@ # (including inline scripts and event-handling HTML attributes). Content-Security-Policy = """ default-src 'self'; - script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is; - style-src 'self' cdn.hypothes.is; + script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is giscus.app; + style-src 'self' cdn.hypothes.is giscus.app; img-src 'self' data: *.google-analytics.com www.googletagmanager.com www.gstatic.com stats.g.doubleclick.net; font-src 'self'; connect-src 'self' *.google-analytics.com *.analytics.google.com analytics.google.com www.googletagmanager.com stats.g.doubleclick.net; media-src 'self'; object-src 'self'; - frame-src hypothes.is; + frame-src hypothes.is giscus.app; worker-src 'self'; frame-ancestors 'none'; form-action 'self' submit-form.com; |