From 3482846159caec61d1377a4a9264e60f12d67c18 Mon Sep 17 00:00:00 2001 From: Henk Verlinde Date: Thu, 5 Nov 2020 16:19:35 +0100 Subject: [PATCH] config: update csp --- assets/js/app.js | 14 -------------- layouts/index.headers | 2 +- layouts/partials/head/script-header.html | 1 - 3 files changed, 1 insertion(+), 16 deletions(-) diff --git a/assets/js/app.js b/assets/js/app.js index 4db9115..3d05a28 100644 --- a/assets/js/app.js +++ b/assets/js/app.js @@ -13,20 +13,6 @@ if (localStorage.getItem('theme') === 'dark') { } -/* eslint-disable */ -/* -window.plausible = window.plausible || function() { (window.plausible.q = window.plausible.q || []).push(arguments) } - -if (document.querySelector('#deploy-to-netlify') !== null) { - - document.getElementById('deploy-to-netlify').addEventListener('click', function(){ - plausible('Deploy to Netlify'); - }); - -} -*/ -/* eslint-enable */ - var suggestions = document.getElementById('suggestions'); var userinput = document.getElementById('userinput'); diff --git a/layouts/index.headers b/layouts/index.headers index 3716436..284022a 100644 --- a/layouts/index.headers +++ b/layouts/index.headers @@ -2,7 +2,7 @@ Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block - Content-Security-Policy: default-src 'self'; manifest-src 'self'; connect-src 'self' https://stats.gethyas.com https://*.algolia.net https://*.algolianet.com https://*.algolia.io; font-src 'self'; img-src 'self' data: https://www.netlify.com; script-src 'self' 'unsafe-eval' 'nonce-dXNlcj0iaGVsbG8iLGRvbWFpbj0iaGVua3ZlcmxpbmRlLmNvbSIsZG9jdW1lbnQud3JpdGUodXNlcisiQCIrZG9tYWluKTs=' https://stats.gethyas.com; style-src 'self' + Content-Security-Policy: default-src 'none'; manifest-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'self' X-Frame-Options: SAMEORIGIN Referrer-Policy: strict-origin Feature-Policy: geolocation 'self' diff --git a/layouts/partials/head/script-header.html b/layouts/partials/head/script-header.html index 8baabaa..e69de29 100644 --- a/layouts/partials/head/script-header.html +++ b/layouts/partials/head/script-header.html @@ -1 +0,0 @@ - \ No newline at end of file