
Update CSP to use script hashes instead of unsafe-inline

Your Name 2025-03-31 09:31:57 -04:00
parent a5583c3afe
commit ab5f8e774e
1 changed files with 2 additions and 2 deletions


@ -28,8 +28,8 @@
# Cache control for static assets
Cache-Control "public, max-age=31536000, immutable"
# CSP with hash for utils.js and nonce for inline scripts
Content-Security-Policy "default-src 'none'; script-src 'self' 'sha256-ryQsJ+aghKKD/CeXgx8jtsnZT3Epp3EjIw8RyHIq544='; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none';"
# CSP with hashes for scripts
Content-Security-Policy "default-src 'none'; script-src 'self' 'sha256-ryQsJ+aghKKD/CeXgx8jtsnZT3Epp3EjIw8RyHIq544=' 'sha256-anTkUs/oFZJulKUMaMjZlwaALEmPOP8op0psAo5Bhh8='; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none';"
}
# Handle 404s
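Review bot: The new `script-src` pins two SHA-256 hashes, but the replacement comment `# CSP with hashes for scripts` no longer says which script each hash covers, so a later edit to a hashed script (even a whitespace change) will be blocked by the browser with nothing in the config pointing at the stale value. I would keep the mapping in the comment, for example `# script-src hashes: 1st = <script A>, 2nd = <inline script B>; recompute when either changes`, and consider a `report-to`/`report-uri` endpoint so violations become visible. `style-src` still carries `'unsafe-inline'`, so only scripts are hash-restricted after this change; if the inline styles can move into a stylesheet, that keyword can be dropped as well. The enclosing block opens above the hunk, so which responses receive this header cannot be checked from here.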