~gpanders/gpanders.com

1f3003bed63e703aba1e36b005ebe856add07d2c — Gregory Anders 3 months ago 246fd07
Add unsafe-inline to script-src CSP
1 files changed, 2 insertions(+), 2 deletions(-)

M netlify.toml
M netlify.toml => netlify.toml +2 -2
@@ 19,11 19,11 @@
[[headers]]
  for = "/*"
  [headers.values]
    Content-Security-Policy = "default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-8S1XWfApyYBGTRzR9CQ2UBCcYX34oUCUVY/1zndCEd4='"
    Content-Security-Policy = "default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'"
    X-Content-Type-Options = "nosniff"
    X-Frame-Options = "SAMEORIGIN"

[[headers]]
  for = "/blog/introducing-ijq/"
  [headers.values]
    Content-Security-Policy = "default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-8S1XWfApyYBGTRzR9CQ2UBCcYX34oUCUVY/1zndCEd4='; img-src 'self' https://asciinema.org"
    Content-Security-Policy = "default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; img-src 'self' https://asciinema.org"