Deuxfleurs/nixcfg
17
6
Fork 2
Code Issues 9 Pull requests 2 Projects Releases Wiki Activity

final csp

Browse source
This commit is contained in:
Quentin 2023-07-23 14:36:04 +02:00
parent 233556e9ef
commit aaa80ae678
Signed by: quentin
GPG key ID: E9602264D639FF68
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
cluster/prod/app/garage/deploy/garage.hcl
View file

@ -98,8 +98,7 @@ job "garage" {
tags = [
"garage-web",
"tricot * 1",
#"tricot-add-header Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://code.jquery.com/; frame-ancestors 'self'",
"tricot-add-header Content-Security-Policy default-src https: 'unsafe-inline'",
"tricot-add-header Content-Security-Policy default-src https: 'unsafe-inline'; object-src 'none'",
"tricot-add-header Strict-Transport-Security max-age=63072000; includeSubDomains; preload",
"tricot-add-header X-Frame-Options SAMEORIGIN",
"tricot-add-header X-XSS-Protection 1; mode=block",