From cc68d83beb30d88b80aeafc8c8addbf333a195cf Mon Sep 17 00:00:00 2001
From: Julien Palard
Date: Mon, 23 Jan 2023 14:00:05 +0100
Subject: [PATCH] Harder CSP.

---
 mdk.fr.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mdk.fr.yml b/mdk.fr.yml
index a27e934..a240688 100644
--- a/mdk.fr.yml
+++ b/mdk.fr.yml
@@ -57,7 +57,7 @@
 charset utf-8;
 server_name mdk.fr;
 include snippets/letsencrypt-mdk.fr.conf;
- add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;";
+ add_header Content-Security-Policy "default-src 'none'; font-src 'self'; script-src 'self'; style-src 'self'; img-src 'self'";
 add_header X-Frame-Options "DENY";
 location /noindex/ {
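Review bot: The tightened policy on the `+` line still leaves `base-uri`, `form-action` and `frame-ancestors` unrestricted, because those three directives do not fall back to `default-src 'none'`; consider appending `base-uri 'none'; form-action 'self'; frame-ancestors 'none'` inside the quoted value (adjust if the site uses a `<base>` tag or posts forms to another origin). Without the `always` parameter nginx attaches `add_header` only to a fixed set of success and redirect status codes, so error pages such as 404 are served without the CSP; ending the directive with `" always;` closes that gap. nginx also stops inheriting server-level `add_header` lines in any `location` that declares its own, so if the `location /noindex/` block that opens at the end of this hunk (its body is outside the hunk) sets a header of its own, the CSP and `X-Frame-Options` lines would need to be repeated there.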