Tweak CORS rules for www.jotoho.de

2023-03-25 14:10:53 +01:00 · 2023-03-25 14:10:53 +01:00 · f0bd8d0ea6
commit f0bd8d0ea6
parent 55a782d910
1 changed files with 1 additions and 1 deletions
--- a/www.jotoho.de/Caddyfile
+++ b/www.jotoho.de/Caddyfile
@ -1,6 +1,6 @@
 http://www.jotoho.de

-header Content-Security-Policy "default-src 'self' https://jotoho.de https://*.jotoho.de; base-uri 'self' https://jotoho.de https://*.jotoho.de; upgrade-insecure-requests;"
+header Content-Security-Policy "default-src 'self' https://jotoho.de https://*.jotoho.de 'unsafe-inline' 'strict-dynamic'; base-uri https://jotoho.de https://*.jotoho.de; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;"

 file_server {
    root /site/