From 26c76a84bc0d0ced894d3c9f4367e7b29fa5420c Mon Sep 17 00:00:00 2001 From: Serreau Jovann Date: Mon, 17 Nov 2025 11:44:22 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20feat(caddy):=20Ajoute=20'self'=20?= =?UTF-8?q?=C3=A0=20connect-src=20dans=20la=20directive=20Content-Security?= =?UTF-8?q?-Policy.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ansible/templates/caddy.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/templates/caddy.j2 b/ansible/templates/caddy.j2 index 00676c3..846d182 100644 --- a/ansible/templates/caddy.j2 +++ b/ansible/templates/caddy.j2 @@ -21,7 +21,7 @@ www.e-cosplay.fr { header { -X-Robots-Tag Permissions-Policy "accelerometer=(), autoplay=(), camera=(), clipboard-write=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), vr=(), screen-wake-lock=(), xr-spatial-tracking=(), bluetooth=(), ambient-light-sensor=(), battery=(), gamepad=(), notifications=(), push=()" - Content-Security-Policy "default-src 'self'; script-src 'self' datas.e-cosplay.fr *.cloudflareinsights.com storage.googleapis.com *.trustpilot.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' fonts.gstatic.com; img-src 'self'; frame-src *.trustpilot.com; connect-src datas.e-cosplay.fr;" + Content-Security-Policy "default-src 'self'; script-src 'self' datas.e-cosplay.fr *.cloudflareinsights.com storage.googleapis.com *.trustpilot.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' fonts.gstatic.com; img-src 'self'; frame-src *.trustpilot.com; connect-src 'self' datas.e-cosplay.fr;" } php_fastcgi unix//run/php/php8.3-fpm.sock {