Skip to content

Commit a886edf

Browse files
stradichenkostradichenko
committed
fix: improved headers.txt
1 parent 0e16412 commit a886edf

1 file changed

Lines changed: 2 additions & 4 deletions

File tree

layouts/_default/headers.txt

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,6 @@
11
/*
2-
# Content Security Policy to allow Matomo analytics
3-
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' {{ .Site.BaseURL | strings.TrimSuffix "/" }}/analytics http://localhost:8080; connect-src 'self' {{ .Site.BaseURL | strings.TrimSuffix "/" }}/analytics http://localhost:8080; img-src 'self' data: {{ .Site.BaseURL | strings.TrimSuffix "/" }}/analytics http://localhost:8080; style-src 'self' 'unsafe-inline'; font-src 'self' data:
4-
5-
# Security headers
2+
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' {{ .Site.BaseURL | strings.TrimSuffix "/" }}/analytics http://localhost:8080; connect-src 'self' {{ .Site.BaseURL | strings.TrimSuffix "/" }}/analytics http://localhost:8080; img-src 'self' data: {{ .Site.BaseURL | strings.TrimSuffix "/" }}/analytics http://localhost:8080; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com;
3+
64
X-Frame-Options: DENY
75
X-Content-Type-Options: nosniff
86
X-XSS-Protection: 1; mode=block

0 commit comments

Comments
 (0)