grewn0uille
/
infra
forked from AFPy/infra
1
0
Fork 0
Code Pull Requests Activity

CSPs

This commit is contained in:
Julien Palard 2024-02-02 09:04:55 +01:00
parent 24a55603cb
commit 0daf51953a
Signed by: mdk
GPG Key ID: 0EFC1AC1006886F8
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
roles/gitea/tasks/setup.yml
View File

@ -130,6 +130,10 @@
include snippets/letsencrypt-git.afpy.org.conf;
client_max_body_size 16M;
add_header Content-Security-Policy-Report-Only "default-src 'self'; connect-src 'self'; font-src 'self' data:; form-action 'self'; img-src 'self' https: data:; manifest-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'";
# See add_header Content-Security-Policy-Report-Only "
add_header X-Content-Type-Options "nosniff";
# location /_/static/assets/ {
# alias /var/lib/gitea-static/public/;
# }