Playing with CSP reporting.
This commit is contained in:
parent
60d71bd8eb
commit
a90a2b7d43
15
afpy.org.yml
15
afpy.org.yml
|
@ -64,9 +64,10 @@
|
|||
root /var/www/afpy.org/;
|
||||
include snippets/letsencrypt-afpy.org.conf;
|
||||
index index.html;
|
||||
|
||||
add_header Report-To '{"group": "xmpp", "max_age": 10886400, "endpoints": [{ "url": "https://http-to-xmpp.afpy.org" }] }';
|
||||
add_header Content-Security-Policy-Report-Only "default-src 'none'; img-src 'self'; style-src 'self'; script-src 'self'; frame-ancestors 'self'; frame-src https://www.helloasso.com https://web.libera.chat report-uri https://http-to-xmpp.afpy.org; report-to xmpp";
|
||||
add_header Reporting-Endpoints xmpp="https://http-to-xmpp.afpy.org";
|
||||
add_header Report-To '{"group": "xmpp", "max_age": 86400, "endpoints": [{"url": "https://http-to-xmpp.afpy.org"}]}';
|
||||
add_header Content-Security-Policy-Report-Only "default-src 'none'; img-src 'self'; style-src 'self'; script-src 'self'; frame-ancestors 'self'; report-uri https://http-to-xmpp.afpy.org; report-to xmpp";
|
||||
# add_header Content-Security-Policy-Report-Only "default-src 'none'; img-src 'self'; style-src 'self'; script-src 'self'; frame-ancestors 'self'; frame-src https://www.helloasso.com https://web.libera.chat report-uri https://http-to-xmpp.afpy.org; report-to xmpp";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
|
||||
location /discord
|
||||
|
@ -238,7 +239,9 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHVrME7+AYhM4n6opE5gVJbWsZHLETucV2wV+kDvnLk3
|
||||
{{ authorized_keys['mdk'] | join(LF) }}
|
||||
nginx_extra: |
|
||||
add_header Content-Security-Policy "default-src 'none'; font-src https://cdnjs.cloudflare.com; img-src 'self' https://www.gravatar.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; script-src 'self' https://cdnjs.cloudflare.com; frame-ancestors 'self'";
|
||||
add_header Reporting-Endpoints xmpp="https://http-to-xmpp.afpy.org";
|
||||
add_header Report-To '{"group": "xmpp", "max_age": 86400, "endpoints": [{"url": "https://http-to-xmpp.afpy.org"}]}';
|
||||
add_header Content-Security-Policy "default-src 'none'; font-src https://cdnjs.cloudflare.com; img-src 'self' https://www.gravatar.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; script-src 'self' https://cdnjs.cloudflare.com; frame-ancestors 'self'; report-uri https://http-to-xmpp.afpy.org; report-to xmpp";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
|
||||
- name: Setup nantes.afpy.org
|
||||
|
@ -289,7 +292,9 @@
|
|||
{
|
||||
listen [::]:443 ssl http2; listen 443 ssl http2;
|
||||
server_name photos.afpy.org;
|
||||
add_header Content-Security-Policy "default-src 'none'; img-src 'self'; style-src 'self'; script-src 'self'; frame-ancestors 'self'";
|
||||
add_header Reporting-Endpoints xmpp="https://http-to-xmpp.afpy.org";
|
||||
add_header Report-To '{"group": "xmpp", "max_age": 86400, "endpoints": [{"url": "https://http-to-xmpp.afpy.org"}]}';
|
||||
add_header Content-Security-Policy "default-src 'none'; img-src 'self'; style-src 'self'; script-src 'self'; frame-ancestors 'self'; report-uri https://http-to-xmpp.afpy.org; report-to xmpp";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
include snippets/letsencrypt-photos.afpy.org.conf;
|
||||
root /var/www/photos.afpy.org/;
|
||||
|
|
Loading…
Reference in New Issue