jonny/jonnybarnes.uk
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases 5 Packages Wiki Activity Actions

Merge pull request #1357 from jonnybarnes/develop

Browse source 
MTM Update CSP
This commit is contained in:
Jonny Barnes 2024-03-22 19:17:22 +00:00 committed by GitHub
commit c907bcde0c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/Http/Middleware/CSPHeader.php
View file

@ -28,7 +28,7 @@ class CSPHeader
'Content-Security-Policy',
"default-src 'self'; " .
"style-src 'self' 'unsafe-inline' cloud.typography.com jonnybarnes.uk; " .
"img-src 'self' data: blob: https://pbs.twimg.com https://jbuk-media.s3-eu-west-1.amazonaws.com https://jbuk-media-dev.s3-eu-west-1.amazonaws.com https://secure.gravatar.com https://graph.facebook.com *.fbcdn.net https://*.cdninstagram.com https://*.4sqi.net https://upload.wikimedia.org; " .
"img-src 'self' data: blob: https://pbs.twimg.com https://jbuk-media.s3-eu-west-1.amazonaws.com https://jbuk-media-dev.s3-eu-west-1.amazonaws.com https://secure.gravatar.com https://graph.facebook.com *.fbcdn.net https://*.cdninstagram.com https://*.4sqi.net https://upload.wikimedia.org https://mastodon.thebeeches.house; " .
"font-src 'self' data:; " .
"frame-src 'self' https://www.youtube.com blob:; " .
'upgrade-insecure-requests; ' .