73 lines
2.5 KiB
YAML
73 lines
2.5 KiB
YAML
nelmio_security:
|
|
# Content Security Policy (CSP)
|
|
referrer_policy:
|
|
enabled: true
|
|
policies:
|
|
- 'strict-origin-when-cross-origin'
|
|
content_type:
|
|
nosniff: true
|
|
clickjacking:
|
|
paths:
|
|
'^/.*': DENY
|
|
permissions_policy:
|
|
enabled: true
|
|
policies:
|
|
camera: [self] # Correct : sans les guillemets simples internes
|
|
microphone: [self] # Correct
|
|
geolocation: [self] # Correct
|
|
fullscreen: [self] # Correct
|
|
payment: [self] # Correct
|
|
# Si tu veux bloquer une fonction pour tout le monde :
|
|
usb: []
|
|
csp:
|
|
hash:
|
|
algorithm: 'sha256'
|
|
enforce:
|
|
default-src: ["'self'"]
|
|
object-src: ["'none'"]
|
|
base-uri: ["'self'"]
|
|
worker-src: ["'self'"]
|
|
script-src:
|
|
- "'self'"
|
|
- "nonce"
|
|
- "'strict-dynamic'"
|
|
- "https://sentry.esy-web.dev"
|
|
- "https://chat.esy-web.dev"
|
|
- "https://auth.esy-web.dev"
|
|
- "https://static.cloudflareinsights.com"
|
|
- "https://challenges.cloudflare.com"
|
|
- "https://unpkg.com"
|
|
connect-src:
|
|
- "'self'"
|
|
- "https://sentry.esy-web.dev"
|
|
- "https://chat.esy-web.dev"
|
|
- "https://auth.esy-web.dev"
|
|
- "https://cloudflareinsights.com"
|
|
- "https://challenges.cloudflare.com"
|
|
- "https://tools-security.esy-web.dev"
|
|
- "https://checkout.stripe.com/"
|
|
- "https://unpkg.com/"
|
|
frame-src:
|
|
- "'self'"
|
|
- "https://chat.esy-web.dev"
|
|
- "https://auth.esy-web.dev"
|
|
- "https://challenges.cloudflare.com"
|
|
style-src:
|
|
- "'self'"
|
|
- "'unsafe-inline'"
|
|
- "https://chat.esy-web.dev"
|
|
- "https://unpkg.com"
|
|
img-src:
|
|
- "'self'"
|
|
- "data:"
|
|
- "https://chat.esy-web.dev"
|
|
- "https://*.tile.openstreetmap.org"
|
|
- "https://unpkg.com"
|
|
font-src:
|
|
- "'self'"
|
|
- "data:"
|
|
frame-ancestors: ["'none'"]
|
|
# Optionnel : forcer le passage en HTTPS
|
|
upgrade-insecure-requests: true
|
|
|