security stuff
This commit is contained in:
@@ -120,6 +120,7 @@ const CSP_DIRECTIVES = [
|
||||
"script-src-elem 'self' https://challenges.cloudflare.com",
|
||||
"style-src 'self'",
|
||||
"style-src-elem 'self'",
|
||||
"style-src-attr 'unsafe-inline'",
|
||||
"img-src 'self' data: blob: https://*.basemaps.cartocdn.com https://basemaps.cartocdn.com",
|
||||
"font-src 'self' data:",
|
||||
"connect-src 'self' https://challenges.cloudflare.com",
|
||||
|
||||
Reference in New Issue
Block a user