admin/e-cosplay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(caddy): Ajoute une politique de sécurité de contenu plus stricte.

Browse Source
This commit is contained in:
Serreau Jovann
2025-11-16 22:44:06 +01:00
parent 84ab86a085
commit 9a6949209c
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ansible/templates/caddy.j2
View File

@@ -10,6 +10,17 @@ www.e-cosplay.fr {
}
header {
Permissions-Policy "accelerometer=(), autoplay=(), camera=(), clipboard-write=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), usb=(), vr=(), screen-wake-lock=(), xr-spatial-tracking=(), bluetooth=(), ambient-light-sensor=(), battery=(), gamepad=(), notifications=(), push=()"
Content-Security-Policy "
default-src 'none';
script-src 'self' *.cloudflare.com;
img-src 'self' *.cloudflare.com data:;
style-src 'self' *.cloudflare.com;
connect-src 'self' *.cloudflare.com;
base-uri 'self';
form-action 'self';
object-src 'none';
frame-ancestors 'self';
"
}
php_fastcgi unix//run/php/php8.3-fpm.sock {