mirror of
https://github.com/neocities/neocities.git
synced 2025-04-24 17:22:35 +02:00
add CSP, remove gravicons that are now blocked by it
This commit is contained in:
Kyle Drake
parent
cee8da725f
commit
0ef9bdefce
3 changed files with 7 additions and 30 deletions
10
app.rb
10
app.rb
|
|
@ -91,9 +91,13 @@ after do
|
|||
end
|
||||
end
|
||||
|
||||
#after do
|
||||
#response.headers['Content-Security-Policy'] = %{block-all-mixed-content; default-src 'self'; connect-src 'self' https://api.stripe.com https://assets.hcaptcha.com; frame-src https://assets.hcaptcha.com https://js.stripe.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://hcaptcha.com https://assets.hcaptcha.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: }
|
||||
#end
|
||||
after do
|
||||
response.headers['Content-Security-Policy'] = %{default-src 'self' 'unsafe-inline'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://js.stripe.com; style-src 'self' https://hcaptcha.com, https://*.hcaptcha.com; connect-src 'self' https://hcaptcha.com, https://*.hcaptcha.com https://api.stripe.com; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://js.stripe.com}
|
||||
end
|
||||
|
||||
connect-src, https://api.stripe.com, https://maps.googleapis.com
|
||||
frame-src, https://js.stripe.com, https://hooks.stripe.com
|
||||
script-src, https://js.stripe.com, https://maps.googleapis.com
|
||||
|
||||
not_found do
|
||||
api_not_found if @api
|
||||
|
|
|
|||
|
|
@ -1,26 +0,0 @@
|
|||
<hr />
|
||||
<section>
|
||||
<h1 class="beta txt-Center">The Neocities Team</h1>
|
||||
|
||||
<div class="row txt-Center">
|
||||
<div class="col col-50">
|
||||
<a href="https://kyledrake.neocities.org" title="Visit Kyle's Website">
|
||||
<img src="https://0.gravatar.com/avatar/62a43048a3c2c688654274abdc0ecb9c?d=https%3A%2F%2Fidenticons.github.com%2Ffde07ba82b25f95afa9d080819f95717.png&r=x&s=440" alt="kyle drake" class="pic-Rounded" />
|
||||
</a>
|
||||
<br />
|
||||
<a href="https://kyledrake.neocities.org" title="Kyle Drake" class="eps">Kyle Drake</a>
|
||||
</div>
|
||||
<div class="col col-50">
|
||||
<a href="https://victoria.neocities.org" title="Visit Victoria's Website">
|
||||
<img src="https://1.gravatar.com/avatar/2b577f8b3e5ab79bc927ed5185c0eae0?d=https%3A%2F%2Fidenticons.github.com%2Fe03006819f4a835afa237716f6701c95.png&r=x&s=440" alt="Victoria Wang" class="pic-Rounded" />
|
||||
</a>
|
||||
<br />
|
||||
<a href="https://victoria.neocities.org" title="Visit Victoria's Website" class="eps">Victoria Wang</a>
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<hr />
|
||||
<section>
|
||||
<h2 class="txt-Center">Follow us on <a href="https://twitter.com/neocities">Twitter</a> or <a href="https://www.facebook.com/neocities">Facebook</a></h2>
|
||||
</section>
|
||||
|
|
@ -27,5 +27,4 @@
|
|||
<a href="/">Get Started</a>
|
||||
</p>
|
||||
</article>
|
||||
<%== erb :'_team', layout: false %>
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue