admin/e-cosplay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(ansible/caddy): Ajoute stripe.com aux directives CSP et ajoute Stripe JS.

Browse Source
This commit is contained in:
Serreau Jovann
2025-11-18 08:55:21 +01:00
parent c8c8d0f105
commit 37f5253d1e
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/templates/caddy.j2
View File

@@ -15,7 +15,7 @@ www.e-cosplay.fr {
header {
-X-Robots-Tag
Permissions-Policy "accelerometer=(), autoplay=(), camera=(), clipboard-write=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), vr=(), screen-wake-lock=(), xr-spatial-tracking=(), bluetooth=(), ambient-light-sensor=(), battery=(), gamepad=(), notifications=(), push=()"
Content-Security-Policy "base-uri 'self'; default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' https://datas.e-cosplay.fr https://*.cloudflareinsights.com https://storage.googleapis.com https://*.trustpilot.com; font-src 'self' https://fonts.gstatic.com;connect-src https://*.e-cosplay.fr https://*.cloudflareinsights.com https://fonts.googleapis.com https://widget.trustpilot.com/ https://challenges.cloudflare.com; frame-src 'self' https://*.trustpilot.com;"
Content-Security-Policy "base-uri 'self'; default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.stripe.com; script-src 'self' 'unsafe-inline' https://datas.e-cosplay.fr https://*.cloudflareinsights.com https://storage.googleapis.com https://*.trustpilot.com; font-src 'self' https://fonts.gstatic.com;connect-src https://*.e-cosplay.fr https://*.cloudflareinsights.com https://fonts.googleapis.com https://widget.trustpilot.com/ https://challenges.cloudflare.com https://*.stripe.com; frame-src 'self' https://*.trustpilot.com https://*.stripe.com;"
}
php_fastcgi unix//run/php/php8.3-fpm.sock {

1
templates/base.twig
View File

@@ -37,6 +37,7 @@
<link rel="manifest" href="{{ asset('site.webmanifest') }}" />
<link rel="stylesheet" href="{{ asset('assets/css/all.min.css') }}" crossorigin="anonymous" referrerpolicy="no-referrer" />
<meta name="google-site-verification" content="D6YvgLKg4oj2Ksk_cYhO3fijbmxZWib7wqqHTJyfftQ" />
<script src="https://js.stripe.com/clover/stripe.js"></script>
<meta name="env" content="{{ app.environment}}">
{% block canonical_url %}{% endblock %}