zydronium/neocities
1
0
Fork 0
mirror of https://github.com/neocities/neocities.git synced 2025-04-24 17:22:35 +02:00
Code Issues Projects Releases Packages Wiki Activity

fixes for a few missing csp entries needed

Browse source
This commit is contained in:
Kyle Drake 2024-01-05 14:47:20 -06:00
parent 0ef9bdefce
commit 8c5a8b6f22
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app.rb
View file

@ -92,7 +92,7 @@ after do
end
after do
response.headers['Content-Security-Policy'] = %{default-src 'self' 'unsafe-inline'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://js.stripe.com; style-src 'self' https://hcaptcha.com, https://*.hcaptcha.com; connect-src 'self' https://hcaptcha.com, https://*.hcaptcha.com https://api.stripe.com; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://js.stripe.com}
response.headers['Content-Security-Policy'] = %{default-src 'self' data: blob: 'unsafe-inline'; script-src 'self' blob: 'unsafe-inline' https://hcaptcha.com https://*.hcaptcha.com https://js.stripe.com; style-src 'self' 'unsafe-inline' https://hcaptcha.com https://*.hcaptcha.com; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://api.stripe.com; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://js.stripe.com}
end
connect-src, https://api.stripe.com, https://maps.googleapis.com