security stuff
This commit is contained in:
@@ -120,6 +120,7 @@ const CSP_DIRECTIVES = [
|
|||||||
"script-src-elem 'self' https://challenges.cloudflare.com",
|
"script-src-elem 'self' https://challenges.cloudflare.com",
|
||||||
"style-src 'self'",
|
"style-src 'self'",
|
||||||
"style-src-elem 'self'",
|
"style-src-elem 'self'",
|
||||||
|
"style-src-attr 'unsafe-inline'",
|
||||||
"img-src 'self' data: blob: https://*.basemaps.cartocdn.com https://basemaps.cartocdn.com",
|
"img-src 'self' data: blob: https://*.basemaps.cartocdn.com https://basemaps.cartocdn.com",
|
||||||
"font-src 'self' data:",
|
"font-src 'self' data:",
|
||||||
"connect-src 'self' https://challenges.cloudflare.com",
|
"connect-src 'self' https://challenges.cloudflare.com",
|
||||||
|
|||||||
Reference in New Issue
Block a user