✨ feat(caddy): Met à jour la politique de sécurité du contenu pour plus de granularité.
This commit is contained in:
Serreau Jovann
@@ -21,7 +21,7 @@ www.e-cosplay.fr {
|
|||||||
header {
|
header {
|
||||||
-X-Robots-Tag
|
-X-Robots-Tag
|
||||||
Permissions-Policy "accelerometer=(), autoplay=(), camera=(), clipboard-write=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), vr=(), screen-wake-lock=(), xr-spatial-tracking=(), bluetooth=(), ambient-light-sensor=(), battery=(), gamepad=(), notifications=(), push=()"
|
Permissions-Policy "accelerometer=(), autoplay=(), camera=(), clipboard-write=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), vr=(), screen-wake-lock=(), xr-spatial-tracking=(), bluetooth=(), ambient-light-sensor=(), battery=(), gamepad=(), notifications=(), push=()"
|
||||||
Content-Security-Policy "default-src 'self'; script-src 'self' datas.e-cosplay.fr *.cloudflareinsights.com storage.googleapis.com *.trustpilot.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' fonts.gstatic.com; img-src 'self'; frame-src *.trustpilot.com; connect-src 'self' datas.e-cosplay.fr www.e-cosplay.fr;"
|
Content-Security-Policy "base-uri 'self'; default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' https://datas.e-cosplay.fr https://*.cloudflareinsights.com https://storage.googleapis.com https://*.trustpilot.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.e-cosplay.fr; frame-src 'self' https://*.trustpilot.com;"
|
||||||
}
|
}
|
||||||
|
|
||||||
php_fastcgi unix//run/php/php8.3-fpm.sock {
|
php_fastcgi unix//run/php/php8.3-fpm.sock {
|
||||||
|
|||||||
Reference in New Issue
Block a user