Nixius
/
lucky-ddg
forked from colin/resume
2
0
Fork 0
Code Pull Requests Activity

Enhance CSP with default-src 'none' for maximum security

This commit is contained in:
Your Name 2025-03-31 04:08:37 -04:00
parent ac3d30d597
commit 0b46750148
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docker/resume/Caddyfile
View File

@ -26,7 +26,7 @@
Cross-Origin-Opener-Policy "same-origin"
# Simplified CSP for static content
Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; frame-ancestors 'none'; require-sri-for script;"
Content-Security-Policy "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; require-sri-for script;"
}
# Handle 404s